WordPress.org

Make WordPress Core

Changeset 6213


Ignore:
Timestamp:
10/09/2007 10:49:42 PM (14 years ago)
Author:
ryan
Message:

jquery for list manipulation. Round one, fight. Props mdawaffe. fixes #4805

Location:
trunk
Files:
1 added
26 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/admin-ajax.php

    r6125 r6213  
    55define('DOING_AJAX', true);
    66
    7 check_ajax_referer();
    87if ( !is_user_logged_in() )
    98    die('-1');
     
    1211add_action( 'shutdown', 'get_out_now', -1 );
    1312
    14 function wp_ajax_meta_row( $pid, $mid, $key, $value ) {
    15     $value = attribute_escape($value);
    16     $key_js = addslashes(wp_specialchars($key, 'double'));
    17     $key = attribute_escape($key);
    18     $r .= "<tr id='meta-$mid'><td valign='top'>";
    19     $r .= "<input name='meta[$mid][key]' tabindex='6' onkeypress='return killSubmit(\"theList.ajaxUpdater(&#039;meta&#039;,&#039;meta-$mid&#039;);\",event);' type='text' size='20' value='$key' />";
    20     $r .= "</td><td><textarea name='meta[$mid][value]' tabindex='6' rows='2' cols='30'>$value</textarea></td><td align='center'>";
    21     $r .= "<input name='updatemeta' type='button' class='updatemeta' tabindex='6' value='".attribute_escape(__('Update'))."' onclick='return theList.ajaxUpdater(&#039;meta&#039;,&#039;meta-$mid&#039;);' /><br />";
    22     $r .= "<input name='deletemeta[$mid]' type='submit' onclick=\"return deleteSomething( 'meta', $mid, '";
    23     $r .= js_escape(sprintf(__("You are about to delete the '%s' custom field on this post.\n'OK' to delete, 'Cancel' to stop."), $key_js));
    24     $r .= "' );\" class='deletemeta' tabindex='6' value='".attribute_escape(__('Delete'))."' /></td></tr>";
    25     return $r;
    26 }
    27 
    2813$id = (int) $_POST['id'];
    29 switch ( $_POST['action'] ) :
     14switch ( $action = $_POST['action'] ) :
     15case 'add-post' :
     16    check_ajax_referer( 'add-post' );
     17    add_filter( 'post_limits', $limit_filter = create_function( '$a', '$b = split(" ",$a); if ( !isset($b[2]) ) return $a; $start = intval(trim($b[1])) / 20 * 15; if ( !is_int($start) ) return $a; $start += intval(trim($b[2])) - 1; return "LIMIT $start, 1";' ) );
     18    wp_edit_posts_query( '_POST' );
     19    $posts_columns = wp_manage_posts_columns();
     20    ob_start();
     21        include( 'edit-post-rows.php' );
     22        $data = ob_get_contents();
     23    ob_end_clean();
     24    if ( !preg_match('|<tbody.+?>(.+)</tbody>|s', $data, $matches) )
     25        my_dump($data);
     26    $data = trim($matches[1]);
     27    $x = new WP_Ajax_Response( array( 'what' => 'post', 'id' => $id, 'data' => $data ) );
     28    $x->send();
     29    break;
    3030case 'delete-comment' :
     31    check_ajax_referer( "delete-comment_$id" );
    3132    if ( !$comment = get_comment( $id ) )
    3233        die('0');
     
    3435        die('-1');
    3536
    36     if ( wp_delete_comment( $comment->comment_ID ) )
     37    if ( isset($_POST['spam']) && 1 == $_POST['spam'] )
     38        $r = wp_set_comment_status( $comment->comment_ID, 'spam' );
     39    else
     40        $r = wp_delete_comment( $comment->comment_ID );
     41
     42    die( $r ? '1' : '0' );
     43    break;
     44case 'delete-cat' :
     45    check_ajax_referer( "delete-category_$id" );
     46    if ( !current_user_can( 'manage_categories' ) )
     47        die('-1');
     48
     49    if ( wp_delete_category( $id ) )
    3750        die('1');
    3851    else    die('0');
    3952    break;
    40 case 'delete-comment-as-spam' :
    41     if ( !$comment = get_comment( $id ) )
    42         die('0');
    43     if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
    44         die('-1');
    45 
    46     if ( wp_set_comment_status( $comment->comment_ID, 'spam' ) )
     53case 'delete-link' :
     54    check_ajax_referer( "delete-bookmark_$id" );
     55    if ( !current_user_can( 'manage_links' ) )
     56        die('-1');
     57
     58    if ( wp_delete_link( $id ) )
    4759        die('1');
    4860    else    die('0');
    4961    break;
    50 case 'delete-cat' :
    51     if ( !current_user_can( 'manage_categories' ) )
    52         die('-1');
    53 
    54     if ( wp_delete_category( $id ) )
    55         die('1');
    56     else    die('0');
    57     break;
    58 case 'delete-link' :
    59     if ( !current_user_can( 'manage_links' ) )
    60         die('-1');
    61 
    62     if ( wp_delete_link( $id ) )
    63         die('1');
    64     else    die('0');
    65     break;
    6662case 'delete-meta' :
     63    check_ajax_referer( 'change_meta' );
    6764    if ( !$meta = get_post_meta_by_id( $id ) )
    6865        die('0');
     
    7471    break;
    7572case 'delete-post' :
     73    check_ajax_referer( "{$action}_$id" );
    7674    if ( !current_user_can( 'delete_post', $id ) )
    7775        die('-1');
     
    7977    if ( wp_delete_post( $id ) )
    8078        die('1');
    81     else    die('0');
     79    else
     80        die('0');
    8281    break;
    8382case 'delete-page' :
     83    check_ajax_referer( "{$action}_$id" );
    8484    if ( !current_user_can( 'delete_page', $id ) )
    8585        die('-1');
     
    9898
    9999    if ( 'unapproved' == wp_get_comment_status($comment->comment_ID) ) {
     100        check_ajax_referer( "approve-comment_$id" );
    100101        if ( wp_set_comment_status( $comment->comment_ID, 'approve' ) )
    101102            die('1');
    102103    } else {
     104        check_ajax_referer( "unapprove-comment_$id" );
    103105        if ( wp_set_comment_status( $comment->comment_ID, 'hold' ) )
    104106            die('1');
     
    107109    break;
    108110case 'add-category' : // On the Fly
     111    check_ajax_referer( $action );
    109112    if ( !current_user_can( 'manage_categories' ) )
    110113        die('-1');
     
    121124            'what' => 'category',
    122125            'id' => $cat_id,
    123             'data' => "<li id='category-$cat_id'><label for='in-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='post_category[]' id='in-category-$cat_id'/> $cat_name</label></li>"
     126            'data' => "<li id='category-$cat_id'><label for='in-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='post_category[]' id='in-category-$cat_id'/> $cat_name</label></li>",
     127            'position' => -1
    124128        ) );
    125129    }
     
    127131    break;
    128132case 'add-link-category' : // On the Fly
     133    check_ajax_referer( $action );
    129134    if ( !current_user_can( 'manage_categories' ) )
    130135        die('-1');
     
    137142        if ( !$cat_id = is_term( $cat_name, 'link_category' ) ) {
    138143            $cat_id = wp_insert_term( $cat_name, 'link_category' );
    139             $cat_id = $cat_id['term_id'];
    140144        }
     145        $cat_id = $cat_id['term_id'];
    141146        $cat_name = wp_specialchars(stripslashes($cat_name));
    142147        $x->add( array(
    143148            'what' => 'link-category',
    144149            'id' => $cat_id,
    145             'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>"
     150            'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>",
     151            'position' => -1
    146152        ) );
    147153    }
     
    149155    break;
    150156case 'add-cat' : // From Manage->Categories
     157    check_ajax_referer( 'add-category' );
    151158    if ( !current_user_can( 'manage_categories' ) )
    152159        die('-1');
     
    156163        die('0');
    157164    $level = 0;
    158     $cat_full_name = $cat->cat_name;
     165    $cat_full_name = $cat->name;
    159166    $_cat = $cat;
    160     while ( $_cat->category_parent ) {
    161         $_cat = get_category( $_cat->category_parent );
    162         $cat_full_name = $_cat->cat_name . ' &#8212; ' . $cat_full_name;
     167    while ( $_cat->parent ) {
     168        $_cat = get_category( $_cat->parent );
     169        $cat_full_name = $_cat->name . ' &#8212; ' . $cat_full_name;
    163170        $level++;
    164171    }
     
    167174    $x = new WP_Ajax_Response( array(
    168175        'what' => 'cat',
    169         'id' => $cat->cat_ID,
     176        'id' => $cat->term_id,
    170177        'data' => _cat_row( $cat, $level, $cat_full_name ),
    171         'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category <a href="#%s">%s</a> added' ), "cat-$cat->cat_ID", $cat_full_name))
     178        'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category <a href="#%s">%s</a> added' ), "cat-$cat->term_id", $cat_full_name))
    172179    ) );
    173180    $x->send();
    174181    break;
    175182case 'add-comment' :
     183    check_ajax_referer( $action );
    176184    if ( !current_user_can( 'edit_post', $id ) )
    177185        die('-1');
    178186    $search = isset($_POST['s']) ? $_POST['s'] : false;
    179     $start = isset($_POST['page']) ? intval($_POST['page']) * 25 : 25;
     187    $start = isset($_POST['page']) ? intval($_POST['page']) * 25 - 1: 24;
    180188
    181189    list($comments, $total) = _wp_get_comment_list( $search, $start, 1 );
     
    199207    break;
    200208case 'add-meta' :
    201     if ( !current_user_can( 'edit_post', $id ) )
    202         die('-1');
    203     if ( $id < 0 ) {
    204         $now = current_time('timestamp', 1);
    205         if ( $pid = wp_insert_post( array(
    206             'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now))
    207         ) ) ) {
    208             if ( is_wp_error( $pid ) )
    209                 return $pid;
    210             $mid = add_meta( $pid );
     209    check_ajax_referer( 'change_meta' );
     210    $c = 0;
     211    $pid = (int) $_POST['post_id'];
     212    if ( isset($_POST['addmeta']) ) {
     213        if ( !current_user_can( 'edit_post', $pid ) )
     214            die('-1');
     215        if ( $pid < 0 ) {
     216            $now = current_time('timestamp', 1);
     217            if ( $pid = wp_insert_post( array(
     218                'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now))
     219            ) ) ) {
     220                if ( is_wp_error( $pid ) ) {
     221                    $x = new WP_Ajax_Response( array(
     222                        'what' => 'meta',
     223                        'data' => $pid
     224                    ) );
     225                    $x->send();
     226                }
     227                $mid = add_meta( $pid );
     228            } else {
     229                die('0');
     230            }
     231        } else if ( !$mid = add_meta( $pid ) ) {
     232            die('0');
    211233        }
    212         else
    213             die('0');
    214     } else if ( !$mid = add_meta( $id ) ) {
    215         die('0');
    216     }
    217 
    218     $meta = get_post_meta_by_id( $mid );
    219     $key = $meta->meta_key;
    220     $value = $meta->meta_value;
    221     $pid = (int) $meta->post_id;
    222 
    223     $x = new WP_Ajax_Response( array(
    224         'what' => 'meta',
    225         'id' => $mid,
    226         'data' => wp_ajax_meta_row( $pid, $mid, $key, $value ),
    227         'supplemental' => array('postid' => $pid)
    228     ) );
    229     $x->send();
    230     break;
    231 case 'update-meta' :
    232     $mid = (int) array_pop(array_keys($_POST['meta']));
    233     $key = $_POST['meta'][$mid]['key'];
    234     $value = $_POST['meta'][$mid]['value'];
    235     if ( !$meta = get_post_meta_by_id( $mid ) )
    236         die('0'); // if meta doesn't exist
    237     if ( !current_user_can( 'edit_post', $meta->post_id ) )
    238         die('-1');
    239     if ( $u = update_meta( $mid, $key, $value ) ) {
     234
     235        $meta = get_post_meta_by_id( $mid );
     236        $pid = (int) $meta->post_id;
     237        $meta = get_object_vars( $meta );
     238        $x = new WP_Ajax_Response( array(
     239            'what' => 'meta',
     240            'id' => $mid,
     241            'data' => _list_meta_row( $meta, $c ),
     242            'position' => 1,
     243            'supplemental' => array('postid' => $pid)
     244        ) );
     245    } else {
     246        $mid = (int) array_pop(array_keys($_POST['meta']));
     247        $key = $_POST['meta'][$mid]['key'];
     248        $value = $_POST['meta'][$mid]['value'];
     249        if ( !$meta = get_post_meta_by_id( $mid ) )
     250            die('0'); // if meta doesn't exist
     251        if ( !current_user_can( 'edit_post', $meta->post_id ) )
     252            die('-1');
     253        if ( !$u = update_meta( $mid, $key, $value ) )
     254            die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems).
    240255        $key = stripslashes($key);
    241256        $value = stripslashes($value);
    242257        $x = new WP_Ajax_Response( array(
    243258            'what' => 'meta',
    244             'id' => $mid,
    245             'data' => wp_ajax_meta_row( $meta->post_id, $mid, $key, $value ),
     259            'id' => $mid, 'old_id' => $mid,
     260            'data' => _list_meta_row( array(
     261                'meta_key' => $key,
     262                'meta_value' => $value,
     263                'meta_id' => $mid
     264            ), $c ),
     265            'position' => 0,
    246266            'supplemental' => array('postid' => $meta->post_id)
    247267        ) );
    248         $x->send();
    249     }
    250     die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems).
     268    }
     269    $x->send();
    251270    break;
    252271case 'add-user' :
     272    check_ajax_referer( $action );
    253273    if ( !current_user_can('edit_users') )
    254274        die('-1');
     
    262282    }
    263283    $user_object = new WP_User( $user_id );
     284
    264285    $x = new WP_Ajax_Response( array(
    265286        'what' => 'user',
    266287        'id' => $user_id,
    267288        'data' => user_row( $user_object ),
    268         'supplemental' => array('show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login))
     289        'supplemental' => array(
     290            'show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login),
     291            'role' => $user_object->roles[0]
     292        )
    269293    ) );
    270294    $x->send();
    271295    break;
    272296case 'autosave' : // The name of this action is hardcoded in edit_post()
     297    check_ajax_referer( $action );
    273298    $_POST['post_content'] = $_POST['content'];
    274299    $_POST['post_excerpt'] = $_POST['excerpt'];
     
    301326break;
    302327case 'autosave-generate-nonces' :
     328    check_ajax_referer( $action );
    303329    $ID = (int) $_POST['post_ID'];
    304330    if($_POST['post_type'] == 'post') {
  • trunk/wp-admin/categories.php

    r6163 r6213  
    100100    </tr>
    101101    </thead>
    102     <tbody id="the-list">
     102    <tbody id="the-list" class="list:cat">
    103103<?php
    104104cat_rows();
  • trunk/wp-admin/edit-category-form.php

    r6026 r6213  
    1010    $heading = __('Add Category');
    1111    $submit_text = __('Add Category &raquo;');
    12     $form = '<form name="addcat" id="addcat" method="post" action="categories.php">';
     12    $form = '<form name="addcat" id="addcat" method="post" action="categories.php" class="add:the-list:">';
    1313    $action = 'addcat';
    1414    $nonce_action = 'add-category';
     
    4444        </tr>
    4545    </table>
    46 <p class="submit"><input type="submit" name="submit" value="<?php echo $submit_text ?>" /></p>
     46<p class="submit"><input type="submit" class="add:the-list:cat:addcat" name="submit" value="<?php echo $submit_text ?>" /></p>
    4747<?php do_action('edit_category_form', $category); ?>
    4848</form>
  • trunk/wp-admin/edit-comments.php

    r6026 r6213  
    103103        $start = " start='$offset'";
    104104
    105         echo "<ol id='the-comment-list' class='commentlist' $start>\n";
     105        echo "<ol id='the-comment-list' class='list:comment commentlist' $start>\n";
    106106        $i = 0;
    107107        foreach ( $comments as $comment ) {
     
    113113if ( $extra_comments ) : ?>
    114114<div id="extra-comments" style="display:none">
    115 <ul id="the-extra-comment-list" class="commentlist">
     115<ol id="the-extra-comment-list" class="list:comment commentlist" style="color:red">
    116116<?php
    117117    foreach ( $extra_comments as $comment ) {
    118118        get_comment( $comment ); // Cache it
    119         _wp_comment_list_item( $comment->comment_ID, ++$i );
    120     }
    121 ?>
    122 </ul>
     119        _wp_comment_list_item( $comment->comment_ID, 0 );
     120    }
     121?>
     122</ol>
     123<form action="" method="get" id="get-extra-comments" class="add:the-extra-comment-list:">
     124<input type="hidden" name="page" value="<?php echo $page; ?>" />
     125<input type="hidden" name="s" value="<?php echo attribute_escape(@$_GET['s']); ?>" />
     126<?php wp_nonce_field( 'add-comment', '_ajax_nonce', false ); ?>
    123127</div>
    124128<?php endif; // $extra_comments ?>
     
    150154    <th scope="col" colspan="3" style="text-align: center">' .  __('Actions') . '</th>
    151155  </tr>
    152 </thead>';
     156</thead>
     157<tbody id="the-comment-list" class="list:comment">';
    153158        foreach ($comments as $comment) {
    154159        $post = get_post($comment->comment_post_ID);
     
    160165  <tr id="comment-<?php echo $comment->comment_ID; ?>" class='<?php echo $class; ?>'>
    161166    <td style="text-align: center"><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td>
    162     <td><?php comment_author_link() ?></td>
     167    <td class="comment-author"><?php comment_author_link() ?></td>
    163168    <td><?php comment_author_email_link() ?></td>
    164169    <td><a href="edit-comments.php?s=<?php comment_author_IP() ?>&amp;mode=edit"><?php comment_author_IP() ?></a></td>
     
    174179    echo "<a href='comment.php?action=editcomment&amp;c=$comment->comment_ID' class='edit'>" .  __('Edit') . "</a>"; } ?></td>
    175180    <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
    176         echo "<a href=\"comment.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by '%s'. \n  'Cancel' to stop, 'OK' to delete."), $comment->comment_author ))  . "', theCommentList );\" class='delete'>" . __('Delete') . "</a> ";
     181        $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) );
     182        echo "<a href='$url' class='delete:the-comment-list:comment-$comment->comment_ID delete'>" . __('Delete') . "</a> ";
    177183        } ?></td>
    178184  </tr>
    179185        <?php
    180186        } // end foreach
    181     ?></table>
     187    ?></tbody>
     188</table>
    182189<p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to delete")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to delete %s comments permanently \n  'Cancel' to stop, 'OK' to delete.")), "' + numchecked + '"); ?>')" />
    183190            <input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to mark as spam")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to mark %s comments as spam \n  'Cancel' to stop, 'OK' to mark as spam.")), "' + numchecked + '"); ?>')" /></p>
  • trunk/wp-admin/edit-form-advanced.php

    r6123 r6213  
    7575<h3 class="dbx-handle"><?php _e('Categories') ?></h3>
    7676<div class="dbx-content">
    77 <p id="jaxcat"></p>
    78 <ul id="categorychecklist"><?php dropdown_categories(); ?></ul></div>
     77<p id="jaxcat"><?php wp_nonce_field( 'add-category', '_ajax_nonce', false ); ?></p>
     78<ul id="categorychecklist" class="list:category"><?php dropdown_categories(); ?></ul></div>
    7979</fieldset>
    8080
  • trunk/wp-admin/edit-link-form.php

    r5826 r6213  
    4343<h3 class="dbx-handle"><?php _e('Categories') ?></h3>
    4444<div class="dbx-content">
    45 <p id="jaxcat"></p>
    46 <ul id="linkcategorychecklist"><?php dropdown_link_categories(get_option('default_link_category')); ?></ul>
     45<p id="jaxcat"><?php wp_nonce_field( 'add-link-category', '_ajax_nonce', false ); ?></p>
     46<ul id="categorychecklist" class="list:link-category"><?php dropdown_link_categories(get_option('default_link_category')); ?></ul>
    4747</div>
    4848</fieldset>
  • trunk/wp-admin/edit-pages.php

    r6034 r6213  
    33$title = __('Pages');
    44$parent_file = 'edit.php';
    5 wp_enqueue_script( 'listman' );
     5wp_enqueue_script( 'wp-lists' );
    66require_once('admin-header.php');
    77
     
    2121
    2222?>
    23 
     23<script>
     24/* <![CDATA[ */
     25jQuery(function($){$('#the-list').wpList();});
     26/* ]]> */
     27</script>
    2428<div class="wrap">
    25 
    2629<h2><?php
    2730// Use $_GET instead of is_ since they can override each other
     
    8285  </tr>
    8386  </thead>
    84   <tbody id="the-list">
     87  <tbody id="the-list" class="list:page">
    8588<?php page_rows(0, 0, $posts, $all); ?>
    8689  </tbody>
  • trunk/wp-admin/edit-post-rows.php

    r6041 r6213  
    99    </tr>
    1010    </thead>
    11     <tbody id="the-list">
     11    <tbody id="the-list" class="list:post">
    1212<?php
     13$i_post = 0;
    1314if ( have_posts() ) {
    1415$bgcolor = '';
    1516add_filter('the_title','wp_specialchars');
    16 while (have_posts()) : the_post();
    17 $class = ('alternate' == $class) ? '' : 'alternate';
     17while (have_posts()) : the_post(); $i_post++;
     18if ( 16 == $i_post )
     19    echo "\t</tbody>\n\t<tbody id='the-extra-list' class='list:post' style='color: red'>\n"; // Hack!
     20$class = ( $i_post > 15 || 'alternate' == $class) ? '' : 'alternate';
    1821global $current_user;
    1922$post_owner = ( $current_user->ID == $post->post_author ? 'self' : 'other' );
     
    9194    case 'control_delete':
    9295        ?>
    93         <td><?php if ( current_user_can('delete_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&amp;post=$id", 'delete-post_' . $post->ID) . "' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . js_escape(sprintf(__("You are about to delete this post '%s'.\n'OK' to delete, 'Cancel' to stop."), get_the_title())) . "' );\">" . __('Delete') . "</a>"; } ?></td>
     96        <td><?php if ( current_user_can('delete_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&amp;post=$id", 'delete-post_' . $post->ID) . "' class='delete:the-list:post-$post->ID delete'>" . __('Delete') . "</a>"; } ?></td>
    9497        <?php
    9598        break;
  • trunk/wp-admin/edit.php

    r6154 r6213  
    44$title = __('Posts');
    55$parent_file = 'edit.php';
    6 wp_enqueue_script( 1 == $_GET['c'] ? 'admin-comments' : 'listman' );
     6wp_enqueue_script( 'admin-posts' );
     7if ( 1 == $_GET['c'] )
     8    wp_enqueue_script( 'admin-comments' );
    79require_once('admin-header.php');
    810
    9 $_GET['m']   = (int) $_GET['m'];
    10 $_GET['cat'] = (int) $_GET['cat'];
    11 $post_stati  = array(   //  array( adj, noun )
    12             'publish' => array(__('Published'), __('Published posts')),
    13             'future' => array(__('Scheduled'), __('Scheduled posts')),
    14             'pending' => array(__('Pending Review'), __('Pending posts')),
    15             'draft' => array(__('Draft'), _c('Drafts|manage posts header')),
    16             'private' => array(__('Private'), __('Private posts'))
    17         );
    18 
    19 $avail_post_stati = $wpdb->get_col("SELECT DISTINCT post_status FROM $wpdb->posts WHERE post_type = 'post'");
    20 
    21 $post_status_q = '';
    22 $post_status_label = __('Posts');
    23 if ( isset($_GET['post_status']) && in_array( $_GET['post_status'], array_keys($post_stati) ) ) {
    24     $post_status_label = $post_stati[$_GET['post_status']][1];
    25     $post_status_q = '&post_status=' . $_GET['post_status'];
    26 }
     11add_filter( 'post_limits', $limit_filter = create_function( '$a', '$b = split(" ",$a); if ( !isset($b[2]) ) return $a; $start = intval(trim($b[1])) / 20 * 15; if ( !is_int($start) ) return $a; return "LIMIT $start, 20";' ) );
     12list($post_stati, $avail_post_stati) = wp_edit_posts_query();
     13$wp_query->max_num_pages = ceil( $wp_query->found_posts / 15 ); // We grab 20 but only show 15 ( 5 more for ajax extra )
    2714?>
    2815
     
    3118<?php
    3219
    33 if ( 'pending' === $_GET['post_status'] ) {
    34     $order = 'ASC';
    35     $orderby = 'modified';
    36 } elseif ( 'draft' === $_GET['post_status'] ) {
    37     $order = 'DESC';
    38     $orderby = 'modified';
    39 } else {
    40     $order = 'DESC';
    41     $orderby = 'date';
    42 }
    43 
    44 wp("what_to_show=posts$post_status_q&posts_per_page=15&order=$order&orderby=$orderby");
    45 
    46 // define the columns to display, the syntax is 'internal name' => 'display name'
    47 $posts_columns = array();
    48 $posts_columns['id'] = '<div style="text-align: center">' . __('ID') . '</div>';
    49 if ( 'draft' === $_GET['post_status'] )
    50     $posts_columns['modified'] = __('Modified');
    51 elseif ( 'pending' === $_GET['post_status'] )
    52     $posts_columns['modified'] = __('Submitted');
    53 else
    54     $posts_columns['date'] = __('When');
    55 $posts_columns['title'] = __('Title');
    56 $posts_columns['categories'] = __('Categories');
    57 if ( !in_array($_GET['post_status'], array('pending', 'draft', 'future')) )
    58     $posts_columns['comments'] = '<div style="text-align: center">' . __('Comments') . '</div>';
    59 $posts_columns['author'] = __('Author');
    60 
    61 $posts_columns = apply_filters('manage_posts_columns', $posts_columns);
    62 
    63 // you can not edit these at the moment
    64 $posts_columns['control_view']   = '';
    65 $posts_columns['control_edit']   = '';
    66 $posts_columns['control_delete'] = '';
     20$posts_columns = wp_manage_posts_columns();
    6721
    6822?>
     
    155109    </fieldset>
    156110    <input type="submit" id="post-query-submit" value="<?php _e('Filter &#187;'); ?>" class="button" />
     111    <?php wp_nonce_field( 'add-post', '_ajax_nonce', false ); ?>
     112    <input type="button" id="get-extra-button" class="add:the-extra-list:searchform" style="display:none" />
    157113</form>
    158114
  • trunk/wp-admin/includes/post.php

    r6125 r6213  
    469469}
    470470
     471function wp_edit_posts_query( $q = '_GET' ) {
     472    global $wpdb;
     473    $$q['m']   = (int) $$q['m'];
     474    $$q['cat'] = (int) $$q['cat'];
     475    $post_stati  = array(   //  array( adj, noun )
     476                'draft' => array(__('Draft'), _c('Drafts|manage posts header')),
     477                'future' => array(__('Scheduled'), __('Scheduled posts')),
     478                'pending' => array(__('Pending Review'), __('Pending posts')),
     479                'private' => array(__('Private'), __('Private posts')),
     480                'publish' => array(__('Published'), __('Published posts'))
     481            );
     482
     483    $avail_post_stati = $wpdb->get_col("SELECT DISTINCT post_status FROM $wpdb->posts WHERE post_type = 'post'");
     484
     485    $post_status_q = '';
     486    $post_status_label = _c('Posts|manage posts header');
     487    if ( isset($$q['post_status']) && in_array( $$q['post_status'], array_keys($post_stati) ) ) {
     488        $post_status_label = $post_stati[$$q['post_status']][1];
     489        $post_status_q = '&post_status=' . $$q['post_status'];
     490    }
     491
     492    if ( 'pending' === $$q['post_status'] ) {
     493        $order = 'ASC';
     494        $orderby = 'modified';
     495    } elseif ( 'draft' === $$q['post_status'] ) {
     496        $order = 'DESC';
     497        $orderby = 'modified';
     498    } else {
     499        $order = 'DESC';
     500        $orderby = 'date';
     501    }
     502
     503    wp("what_to_show=posts$post_status_q&posts_per_page=20&order=$order&orderby=$orderby");
     504
     505    return array($post_stati, $avail_post_stati);
     506}
     507
    471508?>
  • trunk/wp-admin/includes/template.php

    r6193 r6213  
    4242
    4343        if ( $category->term_id != $default_cat_id )
    44             $edit .= "<td><a href='" . wp_nonce_url( "categories.php?action=delete&amp;cat_ID=$category->term_id", 'delete-category_' . $category->term_id ) . "' onclick=\"return deleteSomething( 'cat', $category->term_id, '" . js_escape(sprintf( __("You are about to delete the category '%s'.\nAll posts that were only assigned to this category will be assigned to the '%s' category.\nAll links that were only assigned to this category will be assigned to the '%s' category.\n'OK' to delete, 'Cancel' to stop." ), $category->name, get_catname( $default_cat_id ), get_catname( $default_link_cat_id ) )) . "' );\" class='delete'>".__( 'Delete' )."</a>";
     44            $edit .= "<td><a href='" . wp_nonce_url( "categories.php?action=delete&amp;cat_ID=$category->term_id", 'delete-category_' . $category->term_id ) . "' class='delete:the-list:cat-$category->term_id delete'>".__( 'Delete' )."</a>";
    4545        else
    4646            $edit .= "<td style='text-align:center'>".__( "Default" );
     
    165165}
    166166
     167// define the columns to display, the syntax is 'internal name' => 'display name'
     168function wp_manage_posts_columns() {
     169    $posts_columns = array();
     170    $posts_columns['id'] = '<div style="text-align: center">' . __('ID') . '</div>';
     171    if ( 'draft' === $_GET['post_status'] )
     172        $posts_columns['modified'] = __('Modified');
     173    elseif ( 'pending' === $_GET['post_status'] )
     174        $posts_columns['modified'] = __('Submitted');
     175    else
     176        $posts_columns['date'] = __('When');
     177    $posts_columns['title'] = __('Title');
     178    $posts_columns['categories'] = __('Categories');
     179    if ( !in_array($_GET['post_status'], array('pending', 'draft', 'future')) )
     180        $posts_columns['comments'] = '<div style="text-align: center">' . __('Comments') . '</div>';
     181    $posts_columns['author'] = __('Author');
     182    $posts_columns = apply_filters('manage_posts_columns', $posts_columns);
     183
     184    // you can not edit these at the moment
     185    $posts_columns['control_view']   = '';
     186    $posts_columns['control_edit']   = '';
     187    $posts_columns['control_delete'] = '';
     188
     189    return $posts_columns;
     190}
     191
    167192function page_rows( $parent = 0, $level = 0, $pages = 0, $hierarchy = true ) {
    168193    global $wpdb, $class, $post;
     
    191216    <td><?php the_author() ?></td>
    192217    <td><?php if ( '0000-00-00 00:00:00' ==$post->post_modified ) _e('Unpublished'); else echo mysql2date( __('Y-m-d g:i a'), $post->post_modified ); ?></td>
    193     <td><a href="<?php the_permalink(); ?>" rel="permalink" class="view"><?php _e( 'View' ); ?></a></td>
     218    <td><a href="<?php the_permalink(); ?>" rel="permalink" class="view"><?php _e( 'View' ); ?></a></td>
    194219    <td><?php if ( current_user_can( 'edit_page', $id ) ) { echo "<a href='page.php?action=edit&amp;post=$id' class='edit'>" . __( 'Edit' ) . "</a>"; } ?></td>
    195     <td><?php if ( current_user_can( 'delete_page', $id ) ) { echo "<a href='" . wp_nonce_url( "page.php?action=delete&amp;post=$id", 'delete-page_' . $id ) .  "' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . js_escape(sprintf( __("You are about to delete the '%s' page.\n'OK' to delete, 'Cancel' to stop." ), get_the_title() ) ) . "' );\">" . __( 'Delete' ) . "</a>"; } ?></td>
     220    <td><?php if ( current_user_can( 'delete_page', $id ) ) { echo "<a href='" . wp_nonce_url( "page.php?action=delete&amp;post=$id", 'delete-page_' . $id ) .  "' class='delete:the-list:page-$id delete'>" . __( 'Delete' ) . "</a>"; } ?></td>
    196221  </tr>
    197222
     
    263288function _wp_comment_list_item( $id, $alt = 0 ) {
    264289    global $authordata, $comment, $wpdb;
    265     $id = (int) $id;
    266290    $comment =& get_comment( $id );
     291    $id = (int) $comment->comment_ID;
    267292    $class = '';
    268293    $post = get_post($comment->comment_post_ID);
    269294    $authordata = get_userdata($post->post_author);
    270     $comment_status = wp_get_comment_status($comment->comment_ID);
     295    $comment_status = wp_get_comment_status($id);
    271296    if ( 'unapproved' == $comment_status )
    272297        $class .= ' unapproved';
    273298    if ( $alt % 2 )
    274299        $class .= ' alternate';
    275     echo "<li id='comment-$comment->comment_ID' class='$class'>";
    276 ?>
    277 <p><strong><?php comment_author(); ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
     300    echo "<li id='comment-$id' class='$class'>";
     301?>
     302<p><strong class="comment-author"><?php comment_author(); ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
    278303
    279304<?php comment_text() ?>
     
    282307<?php
    283308if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
    284     echo " <a href='comment.php?action=editcomment&amp;c=".$comment->comment_ID."'>" .  __('Edit') . '</a>';
    285     echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
     309    echo " <a href='comment.php?action=editcomment&amp;c=$id'>" .  __('Edit') . '</a>';
     310    $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$id", "delete-comment_$id" ) );
     311    echo " | <a href='$url' class='delete:the-comment-list:comment-$id'>" . __('Delete') . '</a> ';
    286312    if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
    287         echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>';
    288         echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>';
    289     }
    290     echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author))  . "', theCommentList );\">" . __('Spam') . "</a> ";
     313        $url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$comment->comment_post_ID&c=$id", "unapprove-comment_$id" ) );
     314        echo "<span class='unapprove'> | <a href='$url' class='dim:the-comment-list:comment-$id:unapproved:FF3333'>" . __('Unapprove') . '</a> </span>';
     315        $url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&p=$comment->comment_post_ID&c=$id", "approve-comment_$id" ) );
     316        echo "<span class='approve'> | <a href='$url' class='dim:the-comment-list:comment-$id:unapproved:FFFF33:FFFF33'>" . __('Approve') . '</a> </span>';
     317    }
     318    $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$comment->comment_post_ID&c=$id", "delete-comment_$id" ) );
     319    echo " | <a href='$url' class='delete:the-comment-list:comment-$id::spam=1'>" . __('Spam') . '</a> ';
    291320}
    292321$post = get_post($comment->comment_post_ID, OBJECT, 'display');
     
    325354    // Exit if no meta
    326355    if (!$meta ) {
    327         echo '<tbody id="the-list"><tr style="display: none;"><td>&nbsp;</td></tr></tbody>'; //TBODY needed for list-manipulation JS
     356        echo '<tbody id="the-list" class="list:meta"><tr style="display: none;"><td>&nbsp;</td></tr></tbody>'; //TBODY needed for list-manipulation JS
    328357        return;
    329358    }
     
    337366    </tr>
    338367    </thead>
    339 <?php
    340     $r ="\n\t<tbody id='the-list'>";
    341     foreach ( $meta as $entry ) {
    342         ++ $count;
    343         if ( $count % 2 )
    344             $style = 'alternate';
    345         else
    346             $style = '';
    347         if ('_' == $entry['meta_key'] { 0 } )
    348             $style .= ' hidden';
    349 
    350         if ( is_serialized( $entry['meta_value'] ) ) {
    351             if ( is_serialized_string( $entry['meta_value'] ) ) {
    352                 // this is a serialized string, so we should display it
    353                 $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] );
    354             } else {
    355                 // this is a serialized array/object so we should NOT display it
    356                 --$count;
    357                 continue;
    358             }
    359         }
    360 
    361         $key_js = js_escape( $entry['meta_key'] );
    362         $entry['meta_key']   = attribute_escape($entry['meta_key']);
    363         $entry['meta_value'] = attribute_escape($entry['meta_value']);
    364         $entry['meta_id'] = (int) $entry['meta_id'];
    365         $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>";
    366         $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>";
    367         $r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>";
    368         $r .= "\n\t\t<td align='center'><input name='updatemeta' type='submit' class='updatemeta' tabindex='6' value='".attribute_escape(__( 'Update' ))."' /><br />";
    369         $r .= "\n\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' onclick=\"return deleteSomething( 'meta', {$entry['meta_id']}, '";
    370         $r .= js_escape(sprintf( __("You are about to delete the '%s' custom field on this post.\n'OK' to delete, 'Cancel' to stop." ), $key_js ) );
    371         $r .= "' );\" class='deletemeta' tabindex='6' value='".attribute_escape(__( 'Delete' ))."' /></td>";
    372         $r .= "\n\t</tr>";
    373     }
    374     echo $r;
     368    <tbody id='the-list' class='list:meta'>
     369<?php
     370    foreach ( $meta as $entry )
     371        echo _list_meta_row( $entry, $count );
    375372    echo "\n\t</tbody>";
     373}
     374
     375function _list_meta_row( $entry, &$count ) {
     376    $r = '';
     377    ++ $count;
     378    if ( $count % 2 )
     379        $style = 'alternate';
     380    else
     381        $style = '';
     382    if ('_' == $entry['meta_key'] { 0 } )
     383        $style .= ' hidden';
     384
     385    if ( is_serialized( $entry['meta_value'] ) ) {
     386        if ( is_serialized_string( $entry['meta_value'] ) ) {
     387            // this is a serialized string, so we should display it
     388            $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] );
     389        } else {
     390            // this is a serialized array/object so we should NOT display it
     391            --$count;
     392            return;
     393        }
     394    }
     395
     396    $key_js = js_escape( $entry['meta_key'] );
     397    $entry['meta_key']   = attribute_escape($entry['meta_key']);
     398    $entry['meta_value'] = attribute_escape($entry['meta_value']);
     399    $entry['meta_id'] = (int) $entry['meta_id'];
     400    $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>";
     401    $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>";
     402    $r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>";
     403    $r .= "\n\t\t<td align='center'><input name='updatemeta' type='submit' tabindex='6' value='".attribute_escape(__( 'Update' ))."' class='add:the-list:meta-{$entry['meta_id']} updatemeta' /><br />";
     404    $r .= "\n\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' ";
     405    $r .= "class='delete:the-list:meta-{$entry['meta_id']} deletemeta' tabindex='6' value='".attribute_escape(__( 'Delete' ))."' />";
     406    $r .= "<input type='hidden' name='_ajax_nonce' value='$nonce' />";
     407    $r .= "</td>\n\t</tr>";
     408    return $r;
    376409}
    377410
     
    414447    </tr>
    415448
     449<tr class="submit"><td colspan="3">
     450    <?php wp_nonce_field( 'change_meta', '_ajax_nonce', false ); ?>
     451    <input type="submit" id="addmetasub" name="addmeta" class="add:the-list:newmeta" tabindex="9" value="<?php _e( 'Add Custom Field &raquo;' ) ?>" />
     452</td></tr>
    416453</table>
    417 <p class="submit"><input type="submit" id="updatemetasub" name="updatemeta" tabindex="9" value="<?php _e( 'Add Custom Field &raquo;' ) ?>" /></p>
    418454<?php
    419455
  • trunk/wp-admin/js/cat.js

    r5816 r6213  
    1 addLoadEvent(function(){catList=new listMan('categorychecklist');catList.ajaxRespEl='jaxcat';catList.topAdder=1;catList.alt=0;catList.showLink=0;});
    2 addLoadEvent(newCatAddIn);
    3 function newCatAddIn() {
    4     var jaxcat = $('jaxcat');
    5     if ( !jaxcat )
    6         return false;
    7     // These multiple blank hidden inputs are needed: https://bugzilla.mozilla.org/show_bug.cgi?id=377815 , #3895 , #4664
    8     Element.update(jaxcat,'<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="' + catL10n.add + '"/><input type="hidden"/><input type="hidden"/><span id="howto">' + catL10n.how + '</span></span>');
    9     $('newcat').onkeypress = function(e) { return killSubmit("catList.ajaxAdder('category','jaxcat');", e); };
    10     $('catadd').onclick = function() { catList.ajaxAdder('category', 'jaxcat'); };
    11 }
     1jQuery( function($) {
     2    $('#jaxcat').prepend('<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" class="add:categorychecklist:jaxcat" id="catadd" value="' + catL10n.add + '"/><input type="hidden"/><input type="hidden"/><span id="howto">' + catL10n.how + '</span></span><span id="cat-ajax-response"></span>')
     3    var a = $('#categorychecklist').wpList( { alt: '', response: 'cat-ajax-response' } );
     4} );
  • trunk/wp-admin/js/categories.js

    r5631 r6213  
    1 addLoadEvent(function() {
    2     if (!theList.theList) return false;
    3     document.forms.addcat.submit.onclick = function(e) {return killSubmit('theList.ajaxAdder("cat", "addcat");', e); };
    4     theList.addComplete = function(what, where, update, transport) {
    5         var name = getNodeValue(transport.responseXML, 'name').unescapeHTML();
    6         var id = transport.responseXML.getElementsByTagName(what)[0].getAttribute('id');
    7         var options = document.forms['addcat'].category_parent.options;
     1jQuery(function($) {
     2    var options = document.forms['addcat'].category_parent.options;
     3
     4    var addAfter = function( r, settings ) {
     5        var name = $("<span>" + $('name', r).text() + "</span>").html();
     6        var id = $('cat', r).attr('id');
    87        options[options.length] = new Option(name, id);
    9     };
    10     theList.delComplete = function(what, id) {
    11         var options = document.forms['addcat'].category_parent.options;
     8    }
     9
     10    var delAfter = function( r, settings ) {
     11        var id = $('cat', r).attr('id');
    1212        for ( var o = 0; o < options.length; o++ )
    1313            if ( id == options[o].value )
    1414                options[o] = null;
    15     };
     15    }
     16
     17    var a = $('#the-list').wpList( { addAfter: addAfter, delAfter: delAfter } );
    1618});
  • trunk/wp-admin/js/custom-fields.js

    r5631 r6213  
    1 function customFieldsOnComplete( what, where, update, transport ) {
    2     var pidEl = $('post_ID');
    3     pidEl.name = 'post_ID';
    4     pidEl.value = getNodeValue(transport.responseXML, 'postid');
    5     var aEl = $('hiddenaction')
    6     if ( aEl.value == 'post' ) aEl.value = 'postajaxpost';
    7 }
    8 addLoadEvent(customFieldsAddIn);
    9 function customFieldsAddIn() {
    10     theList.showLink=0;
    11     theList.addComplete = customFieldsOnComplete;
    12     if (!theList.theList) return false;
    13     inputs = theList.theList.getElementsByTagName('input');
    14     for ( var i=0; i < inputs.length; i++ ) {
    15         if ('text' == inputs[i].type) {
    16             inputs[i].setAttribute('autocomplete', 'off');
    17             inputs[i].onkeypress = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.name.slice(5),10) + '");', e); };
    18         }
    19         if ('updatemeta' == inputs[i].className) {
    20             inputs[i].onclick = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.parentNode.parentNode.id.slice(5),10) + '");', e); };
    21         }
     1jQuery( function($) {
     2    var before = function() {
     3        var nonce = $('#newmeta [@name=_ajax_nonce]').val();
     4        var postId = $('#post_ID').val();
     5        if ( !nonce || !postId ) { return false; }
     6        return [nonce,postId];
    227    }
    238
    24     $('metakeyinput').onkeypress = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); };
    25     $('updatemetasub').onclick = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); };
    26 }
     9    var addBefore = function( s ) {
     10        var b = before();
     11        if ( !b ) { return false; }
     12        s.data = s.data.replace(/_ajax_nonce=[a-f0-9]+/, '_ajax_nonce=' + b[0]) + '&post_id=' + b[1];
     13        return s;
     14    };
     15
     16    var addAfter = function( r, s ) {
     17        var postId = $('postid', r).text();
     18        if ( !postId ) { return; }
     19        $('#post_ID').attr( 'name', 'post_ID' ).val( postId );
     20        var h = $('#hiddenaction');
     21        if ( 'post' == h.val() ) { h.val( 'postajaxpost' ); }
     22    };
     23
     24    var delBefore = function( s ) {
     25        var b = before(); if ( !b ) return false;
     26        s.data._ajax_nonce = b[0]; s.data.post_id = b[1];
     27        return s;
     28    }
     29
     30    $('#the-list')
     31        .wpList( { addBefore: addBefore, addAfter: addAfter, delBefore: delBefore } )
     32        .find('.updatemeta, .deletemeta').attr( 'type', 'button' );
     33} );
  • trunk/wp-admin/js/edit-comments.js

    r5631 r6213  
    1 addLoadEvent(function() {
    2     theCommentList = new listMan('the-comment-list');
    3     if ( !theCommentList )
    4         return false;
     1var list; var extra;
     2jQuery(function($) {
    53
    6     theExtraCommentList = new listMan('the-extra-comment-list');
    7     if ( theExtraCommentList ) {
    8         theExtraCommentList.showLink = 0;
    9         theExtraCommentList.altOffset = 1;
    10         if ( theExtraCommentList.theList && theExtraCommentList.theList.childNodes )
    11             var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length;
    12         else
    13             var commentNum = 0;
    14         var urlQ   = document.location.href.split('?');
    15         var params = urlQ[1] ? urlQ[1].toQueryParams() : [];
    16         var search = params['s'] ? params['s'] : '';
    17         var page   = params['apage'] ? params['apage'] : 1;
     4var dimAfter = function( r, settings ) {
     5    var a = $('#awaitmod');
     6    a.html( parseInt(a.html(),10) + ( $('#' + settings.element).is('.' + settings.dimClass) ? 1 : -1 ) );
     7}
     8
     9var delAfter = function( r, settings ) {
     10    var a = $('#awaitmod');
     11    if ( $('#' + settings.element).is('.unapproved') && parseInt(a.html(),10) > 0 ) {
     12        a.html( parseInt(a.html(),10) - 1 );
    1813    }
    1914
    20     theCommentList.dimComplete = function(what,id,dimClass) {
    21         var m = document.getElementById('awaitmod');
    22         if ( document.getElementById(what + '-' + id).className.match(dimClass) )
    23             m.innerHTML = parseInt(m.innerHTML,10) + 1;
    24         else
    25             m.innerHTML = parseInt(m.innerHTML,10) - 1;
     15    if ( extra.size() == 0 || extra.children().size() == 0 ) {
     16        return;
    2617    }
    2718
    28     theCommentList.delComplete = function(what,id) {
    29         var m = document.getElementById('awaitmod');
    30         what = what.split('-')[0];
    31         if ( document.getElementById(what + '-' + id).className.match('unapproved') )
    32             m.innerHTML = parseInt(m.innerHTML,10) - 1;
    33         if ( theExtraCommentList && commentNum ) {
    34             var theMover = theExtraCommentList.theList.childNodes[0];
    35             Element.removeClassName(theMover,'alternate');
    36             theCommentList.theList.appendChild(theMover);
    37             theExtraCommentList.inputData += '&page=' + page;
    38             if ( search )
    39                 theExtraCommentList.inputData += '&s=' + search; // trust the URL not the search box
    40             theExtraCommentList.addComplete = function() {
    41                 if ( theExtraCommentList.theList.childNodes )
    42                     var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length;
    43                 else
    44                     var commentNum = 0;
    45             }
    46             theExtraCommentList.ajaxAdder( 'comment', 'ajax-response' ); // Dummy Request
    47         }
    48     }
     19    list[0].wpList.add( extra.children(':eq(0)').remove().clone() );
     20    $('#get-extra-comments').submit();
     21}
    4922
    50     if ( theList ) // the post list: edit.php
    51         theList.delComplete = function() {
    52             var comments = document.getElementById('comments');
    53             var commdel = encloseFunc(function(a){a.parentNode.removeChild(a);},comments);
    54             var listdel = encloseFunc(function(a){a.parentNode.removeChild(a);},theCommentList.theList);
    55             setTimeout(commdel,705);
    56             setTimeout(listdel,705);
    57         }
    58 });
     23extra = $('#the-extra-comment-list').wpList( { alt: '', delColor: 'none', addColor: 'none' } );
     24list = $('#the-comment-list').wpList( { dimAfter : dimAfter, delAfter : delAfter, addColor: 'none' } );
    5925
     26} );
  • trunk/wp-admin/js/link-cat.js

    r5637 r6213  
    1 addLoadEvent(function(){linkcatList=new listMan('linkcategorychecklist');linkcatList.ajaxRespEl='jaxcat';linkcatList.topAdder=1;linkcatList.alt=0;linkcatList.showLink=0;});
    2 addLoadEvent(newLinkCatAddIn);
    3 function newLinkCatAddIn() {
    4     var jaxcat = $('jaxcat');
    5     if ( !jaxcat )
    6         return false;
    7     Element.update(jaxcat,'<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="' + linkcatL10n.add + '"/><input type="hidden"/><span id="howto">' + linkcatL10n.how + '</span></span>');
    8     $('newcat').onkeypress = function(e) { return killSubmit("linkcatList.ajaxAdder('link-category','jaxcat');", e); };
    9     $('catadd').onclick = function() { linkcatList.ajaxAdder('link-category', 'jaxcat'); };
    10 }
  • trunk/wp-admin/js/users.js

    r5631 r6213  
    1 addLoadEvent(function() {
    2     theListEls = document.getElementsByTagName('tbody');
    3     theUserLists = new Array();
    4     for ( var l = 0; l < theListEls.length; l++ ) {
    5         if ( theListEls[l].id )
    6             theUserLists[theListEls[l].id] = new listMan(theListEls[l].id);
    7     }
    8     addUserInputs = document.getElementById('adduser').getElementsByTagName('input');
    9     for ( var i = 0; i < addUserInputs.length; i++ ) {
    10         addUserInputs[i].onkeypress = function(e) { return killSubmit('addUserSubmit();', e); }
    11     }
    12     document.getElementById('addusersub').onclick = function(e) { return killSubmit('addUserSubmit();', e); }
    13 }
    14 );
     1jQuery( function($) {
     2    var userLists; var list; var addBefore; var addAfter;
    153
    16 function addUserSubmit() {
    17     var roleEl = document.getElementById('role');
    18     var role = roleEl.options[roleEl.selectedIndex].value;
    19     if ( !theUserLists['role-' + role] ) return true;
    20     return theUserLists['role-' + role].ajaxAdder('user', 'adduser');
    21 }
     4    addBefore = function( s ) {
     5        if ( $( '#role-' + $('#role').val() ).size() )
     6            return s;
     7        return false;
     8    };
     9
     10    addAfter = function( r, s ) {
     11        var roleTable = $( '#role-' + $('role', r).text() );
     12
     13        var e = $('#user-' + $('user', r).attr('id') );
     14        if ( !roleTable.size() ) { return; }
     15        if ( !e.size() ) { return; }
     16
     17        roleTable[0].wpList.add(e.remove().clone());
     18    }; 
     19
     20    userLists = $('.user-list').wpList();
     21    list = $('#user-list').wpList( { addBefore: addBefore, addAfter: addAfter } );
     22} );
  • trunk/wp-admin/link-add.php

    r5637 r6213  
    1414wp_enqueue_script( array('xfn', 'dbx-admin-key?pagenow=link.php') );
    1515if ( current_user_can( 'manage_categories' ) )
    16     wp_enqueue_script( 'ajaxlinkcat' );
     16    wp_enqueue_script( 'ajaxcat' );
    1717require('admin-header.php');
    1818?>
  • trunk/wp-admin/link-manager.php

    r6125 r6213  
    77require_once ('admin.php');
    88
    9 wp_enqueue_script( 'listman' );
     9wp_enqueue_script( 'wp-lists' );
    1010
    1111wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
     
    4747?>
    4848<script type="text/javascript">
    49 <!--
     49/* <![CDATA[ */
    5050function checkAll(form)
    5151{
     
    5959    }
    6060}
    61 //-->
     61
     62jQuery(function($){$('#the-list').wpList();});
     63
     64/* ]]> */
    6265</script>
    6366
     
    129132    </tr>
    130133    </thead>
    131     <tbody id="the-list">
     134    <tbody id="the-list" class="list:link">
    132135<?php
    133136    foreach ($links as $link) {
     
    177180                    break;
    178181                case 'action':
    179                     echo '<td><a href="link.php?link_id='.$link->link_id.'&amp;action=edit" class="edit">'.__('Edit').'</a></td>';
    180                     echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." onclick=\"return deleteSomething( 'link', $link->link_id , '".js_escape(sprintf(__("You are about to delete the '%s' link to %s.\n'Cancel' to stop, 'OK' to delete."), $link->link_name, $link->link_url )).'\' );" class="delete">'.__('Delete').'</a></td>';
     182                    echo "<td><a href='link.php?link_id=$link->link_id&amp;action=edit' class='edit'>" . __('Edit') . '</a></td>';
     183                    echo "<td><a href='" . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . "' class='delete:the-list:link-$link->link_id delete'>" . __('Delete') . '</a></td>';
    181184                    break;
    182185                default:
  • trunk/wp-admin/page.php

    r6026 r6213  
    108108        if ($_POST['save']) {
    109109            $location = "page.php?action=edit&post=$page_ID";
    110         } elseif ($_POST['updatemeta']) {
    111             $location = wp_get_referer() . '&message=2#postcustom';
     110        } elseif ($_POST['addemeta']) {
     111            $location = add_query_arg( 'message', 2, wp_get_referer() );
     112            $location = explode('#', $location);
     113            $location = $location[0] . '#postcustom';
    112114        } elseif ($_POST['deletemeta']) {
    113             $location = wp_get_referer() . '&message=3#postcustom';
     115            $location = add_query_arg( 'message', 3, wp_get_referer() );
     116            $location = explode('#', $location);
     117            $location = $location[0] . '#postcustom';
    114118        } elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) {
    115119            $location = $_POST['referredby'];
  • trunk/wp-admin/post.php

    r6026 r6213  
    122122        if ($_POST['save']) {
    123123            $location = "post.php?action=edit&post=$post_ID";
    124         } elseif ($_POST['updatemeta']) {
    125             $location = wp_get_referer() . '&message=2#postcustom';
     124        } elseif ($_POST['addemeta']) {
     125            $location = add_query_arg( 'message', 2, wp_get_referer() );
     126            $location = explode('#', $location);
     127            $location = $location[0] . '#postcustom';
    126128        } elseif ($_POST['deletemeta']) {
    127             $location = wp_get_referer() . '&message=3#postcustom';
     129            $location = add_query_arg( 'message', 3, wp_get_referer() );
     130            $location = explode('#', $location);
     131            $location = $location[0] . '#postcustom';
    128132        } elseif (!empty($referredby) && $referredby != $referer) {
    129133            $location = $_POST['referredby'];
  • trunk/wp-admin/users.php

    r6026 r6213  
    394394</tr>
    395395</tbody>
    396 <tbody id="role-<?php echo $role; ?>"><?php
     396<tbody id="role-<?php echo $role; ?>" class="list:user user-list"><?php
    397397$style = '';
    398398foreach ( (array) $roleclass as $user_object ) {
     
    457457        echo '<p>' . sprintf(__('Users cannot currently <a href="%1$s">register themselves</a>, but you can manually create users here.'), get_option('siteurl').'/wp-admin/options-general.php#users_can_register') . '</p>';
    458458?>
    459 <form action="#add-new-user" method="post" name="adduser" id="adduser">
     459<form action="#add-new-user" method="post" name="adduser" id="adduser" class="add:user-list:">
    460460<?php wp_nonce_field('add-user') ?>
    461461<table class="editform" width="100%" cellspacing="2" cellpadding="5">
     
    508508</form>
    509509
     510<table style="color:red">
     511<tbody id="user-list" class="list:user">
     512</tbody>
     513</table>
     514
    510515</div>
    511516</div>
  • trunk/wp-admin/wp-admin.css

    r5971 r6213  
    820820}
    821821
     822#postcustom table #addmetasub {
     823    width: auto;
     824}
     825
    822826#poststuff {
    823827    margin-right: 16em;
  • trunk/wp-includes/classes.php

    r6021 r6213  
    697697            'what' => 'object', 'action' => false,
    698698            'id' => '0', 'old_id' => false,
     699            'position' => 1, // -1 = top, 1 = bottom, html ID = after, -html ID = before
    699700            'data' => '', 'supplemental' => array()
    700701        );
     
    702703        $r = wp_parse_args( $args, $defaults );
    703704        extract( $r, EXTR_SKIP );
     705        $postition = preg_replace( '/[^a-z0-9:_-]/i', '', $position );
    704706
    705707        if ( is_wp_error($id) ) {
     
    725727        $x = '';
    726728        $x .= "<response action='{$action}_$id'>"; // The action attribute in the xml output is formatted like a nonce action
    727         $x .=   "<$what id='$id'" . ( false !== $old_id ? "old_id='$old_id'>" : '>' );
     729        $x .=   "<$what id='$id' " . ( false === $old_id ? '' : "old_id='$old_id' " ) . "position='$position'>";
    728730        $x .=       $response;
    729731        $x .=       $s;
  • trunk/wp-includes/pluggable.php

    r6180 r6213  
    347347
    348348if ( !function_exists('check_ajax_referer') ) :
    349 function check_ajax_referer() {
    350     $current_name = '';
    351     if ( ( $current = wp_get_current_user() ) && $current->ID )
    352         $current_name = $current->data->user_login;
    353     if ( !$current_name )
    354         die('-1');
    355 
    356     $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie
    357     foreach ( $cookie as $tasty ) {
    358         if ( false !== strpos($tasty, USER_COOKIE) )
    359             $user = substr(strstr($tasty, '='), 1);
    360         if ( false !== strpos($tasty, PASS_COOKIE) )
    361             $pass = substr(strstr($tasty, '='), 1);
    362     }
    363 
    364     if ( $current_name != $user || !wp_login( $user, $pass, true ) )
    365         die('-1');
     349function check_ajax_referer( $action = -1 ) {
     350    $nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce'];
     351    if ( !wp_verify_nonce( $nonce, $action ) ) {
     352        $current_name = '';
     353        if ( ( $current = wp_get_current_user() ) && $current->ID )
     354            $current_name = $current->data->user_login;
     355        if ( !$current_name )
     356            die('-1');
     357
     358        $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie
     359        foreach ( $cookie as $tasty ) {
     360            if ( false !== strpos($tasty, USER_COOKIE) )
     361                $user = substr(strstr($tasty, '='), 1);
     362            if ( false !== strpos($tasty, PASS_COOKIE) )
     363                $pass = substr(strstr($tasty, '='), 1);
     364        }
     365
     366        if ( $current_name != $user || !wp_login( $user, $pass, true ) )
     367            die('-1');
     368    }
    366369    do_action('check_ajax_referer');
    367370}
  • trunk/wp-includes/script-loader.php

    r6209 r6213  
    6060            'jumpText' => __('Jump to new item'),
    6161            'delText' => __('Are you sure you want to delete this %thing%?')
     62        ) );
     63
     64        $this->add( 'wp-lists', '/wp-includes/js/wp-lists.js', array('jquery'), '20070823' );
     65        $this->localize( 'wp-lists', 'wpListL10n', array(
     66            'url' => get_option( 'siteurl' ) . '/wp-admin/admin-ajax.php'
    6267        ) );
    6368
     
    106111                ) );
    107112            }
    108             $this->add( 'ajaxcat', '/wp-admin/js/cat.js', array('listman'), '20070724' );
     113            $this->add( 'ajaxcat', '/wp-admin/js/cat.js', array( 'wp-lists' ), '20070823' );
    109114            $this->localize( 'ajaxcat', 'catL10n', array(
    110115                'add' => attribute_escape(__('Add')),
    111116                'how' => __('Separate multiple categories with commas.')
    112117            ) );
    113             $this->add( 'ajaxlinkcat', '/wp-admin/js/link-cat.js', array('listman'), '200700601' );
    114             $this->localize( 'ajaxlinkcat', 'linkcatL10n', array(
    115                 'add' => attribute_escape(__('Add')),
    116                 'how' => __('Separate multiple categories with commas.')
    117             ) );
    118             $this->add( 'admin-categories', '/wp-admin/js/categories.js', array('listman'), '3684' );
    119             $this->add( 'admin-custom-fields', '/wp-admin/js/custom-fields.js', array('listman'), '3733' );
    120             $this->add( 'admin-comments', '/wp-admin/js/edit-comments.js', array('listman'), '20070327' );
    121             $this->add( 'admin-users', '/wp-admin/js/users.js', array('listman'), '4583' );
     118            $this->add( 'admin-categories', '/wp-admin/js/categories.js', array('wp-lists'), '20070823' );
     119            $this->add( 'admin-custom-fields', '/wp-admin/js/custom-fields.js', array('wp-lists'), '20070823' );
     120            $this->add( 'admin-comments', '/wp-admin/js/edit-comments.js', array('wp-lists'), '20070822' );
     121            $this->add( 'admin-posts', '/wp-admin/js/edit-posts.js', array('wp-lists'), '20070823' );
     122            $this->add( 'admin-users', '/wp-admin/js/users.js', array('wp-lists'), '20070823' );
    122123            $this->add( 'xfn', '/wp-admin/js/xfn.js', false, '3517' );
    123124            $this->add( 'upload', '/wp-admin/js/upload.js', array('jquery'), '20070518' );
Note: See TracChangeset for help on using the changeset viewer.