Changeset 6213

Timestamp:

10/09/2007 10:49:42 PM (18 years ago)

Author:

ryan

Message:

jquery for list manipulation. Round one, fight. Props mdawaffe. fixes #4805

Location:

trunk

Files:

• wp-admin/admin-ajax.php (modified) (16 diffs)
• wp-admin/categories.php (modified) (1 diff)
• wp-admin/edit-category-form.php (modified) (2 diffs)
• wp-admin/edit-comments.php (modified) (5 diffs)
• wp-admin/edit-form-advanced.php (modified) (1 diff)
• wp-admin/edit-link-form.php (modified) (1 diff)
• wp-admin/edit-pages.php (modified) (3 diffs)
• wp-admin/edit-post-rows.php (modified) (2 diffs)
• wp-admin/edit.php (modified) (3 diffs)
• wp-admin/includes/post.php (modified) (1 diff)
• wp-admin/includes/template.php (modified) (8 diffs)
• wp-admin/js/cat.js (modified) (1 diff)
• wp-admin/js/categories.js (modified) (1 diff)
• wp-admin/js/custom-fields.js (modified) (1 diff)
• wp-admin/js/edit-comments.js (modified) (1 diff)
• wp-admin/js/edit-posts.js (added)
• wp-admin/js/link-cat.js (modified) (1 diff)
• wp-admin/js/users.js (modified) (1 diff)
• wp-admin/link-add.php (modified) (1 diff)
• wp-admin/link-manager.php (modified) (5 diffs)
• wp-admin/page.php (modified) (1 diff)
• wp-admin/post.php (modified) (1 diff)
• wp-admin/users.php (modified) (3 diffs)
• wp-admin/wp-admin.css (modified) (1 diff)
• wp-includes/classes.php (modified) (3 diffs)
• wp-includes/pluggable.php (modified) (1 diff)
• wp-includes/script-loader.php (modified) (2 diffs)

trunk/wp-admin/admin-ajax.php

@@ -5 +5 @@
 define('DOING_AJAX', true);
 
-check_ajax_referer();
 if ( !is_user_logged_in() )
     die('-1');
@@ -12 +11 @@
 add_action( 'shutdown', 'get_out_now', -1 );
 
-function wp_ajax_meta_row( $pid, $mid, $key, $value ) {
-    $value = attribute_escape($value);
-    $key_js = addslashes(wp_specialchars($key, 'double'));
-    $key = attribute_escape($key);
-    $r .= "<tr id='meta-$mid'><td valign='top'>";
-    $r .= "<input name='meta[$mid][key]' tabindex='6' onkeypress='return killSubmit(\"theList.ajaxUpdater(&#039;meta&#039;,&#039;meta-$mid&#039;);\",event);' type='text' size='20' value='$key' />";
-    $r .= "</td><td><textarea name='meta[$mid][value]' tabindex='6' rows='2' cols='30'>$value</textarea></td><td align='center'>";
-    $r .= "<input name='updatemeta' type='button' class='updatemeta' tabindex='6' value='".attribute_escape(__('Update'))."' onclick='return theList.ajaxUpdater(&#039;meta&#039;,&#039;meta-$mid&#039;);' /><br />";
-    $r .= "<input name='deletemeta[$mid]' type='submit' onclick=\"return deleteSomething( 'meta', $mid, '";
-    $r .= js_escape(sprintf(__("You are about to delete the '%s' custom field on this post.\n'OK' to delete, 'Cancel' to stop."), $key_js));
-    $r .= "' );\" class='deletemeta' tabindex='6' value='".attribute_escape(__('Delete'))."' /></td></tr>";
-    return $r;
-}
-
 $id = (int) $_POST['id'];
-switch ( $_POST['action'] ) :
+switch ( $action = $_POST['action'] ) :
+case 'add-post' :
+    check_ajax_referer( 'add-post' );
+    add_filter( 'post_limits', $limit_filter = create_function( '$a', '$b = split(" ",$a); if ( !isset($b[2]) ) return $a; $start = intval(trim($b[1])) / 20 * 15; if ( !is_int($start) ) return $a; $start += intval(trim($b[2])) - 1; return "LIMIT $start, 1";' ) );
+    wp_edit_posts_query( '_POST' );
+    $posts_columns = wp_manage_posts_columns();
+    ob_start();
+        include( 'edit-post-rows.php' );
+        $data = ob_get_contents();
+    ob_end_clean();
+    if ( !preg_match('|<tbody.+?>(.+)</tbody>|s', $data, $matches) )
+        my_dump($data);
+    $data = trim($matches[1]);
+    $x = new WP_Ajax_Response( array( 'what' => 'post', 'id' => $id, 'data' => $data ) );
+    $x->send();
+    break;
 case 'delete-comment' :
+    check_ajax_referer( "delete-comment_$id" );
     if ( !$comment = get_comment( $id ) )
         die('0');
@@ -34 +35 @@
         die('-1');
 
-    if ( wp_delete_comment( $comment->comment_ID ) )
+    if ( isset($_POST['spam']) && 1 == $_POST['spam'] )
+        $r = wp_set_comment_status( $comment->comment_ID, 'spam' );
+    else
+        $r = wp_delete_comment( $comment->comment_ID );
+
+    die( $r ? '1' : '0' );
+    break;
+case 'delete-cat' :
+    check_ajax_referer( "delete-category_$id" );
+    if ( !current_user_can( 'manage_categories' ) )
+        die('-1');
+
+    if ( wp_delete_category( $id ) )
         die('1');
     else    die('0');
     break;
-case 'delete-comment-as-spam' :
-    if ( !$comment = get_comment( $id ) )
-        die('0');
-    if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
-        die('-1');
-
-    if ( wp_set_comment_status( $comment->comment_ID, 'spam' ) )
+case 'delete-link' :
+    check_ajax_referer( "delete-bookmark_$id" );
+    if ( !current_user_can( 'manage_links' ) )
+        die('-1');
+
+    if ( wp_delete_link( $id ) )
         die('1');
     else    die('0');
     break;
-case 'delete-cat' :
-    if ( !current_user_can( 'manage_categories' ) )
-        die('-1');
-
-    if ( wp_delete_category( $id ) )
-        die('1');
-    else    die('0');
-    break;
-case 'delete-link' :
-    if ( !current_user_can( 'manage_links' ) )
-        die('-1');
-
-    if ( wp_delete_link( $id ) )
-        die('1');
-    else    die('0');
-    break;
 case 'delete-meta' :
+    check_ajax_referer( 'change_meta' );
     if ( !$meta = get_post_meta_by_id( $id ) )
         die('0');
@@ -74 +71 @@
     break;
 case 'delete-post' :
+    check_ajax_referer( "{$action}_$id" );
     if ( !current_user_can( 'delete_post', $id ) )
         die('-1');
@@ -79 +77 @@
     if ( wp_delete_post( $id ) )
         die('1');
-    else    die('0');
+    else
+        die('0');
     break;
 case 'delete-page' :
+    check_ajax_referer( "{$action}_$id" );
     if ( !current_user_can( 'delete_page', $id ) )
         die('-1');
@@ -98 +98 @@
 
     if ( 'unapproved' == wp_get_comment_status($comment->comment_ID) ) {
+        check_ajax_referer( "approve-comment_$id" );
         if ( wp_set_comment_status( $comment->comment_ID, 'approve' ) )
             die('1');
     } else {
+        check_ajax_referer( "unapprove-comment_$id" );
         if ( wp_set_comment_status( $comment->comment_ID, 'hold' ) )
             die('1');
@@ -107 +109 @@
     break;
 case 'add-category' : // On the Fly
+    check_ajax_referer( $action );
     if ( !current_user_can( 'manage_categories' ) )
         die('-1');
@@ -121 +124 @@
             'what' => 'category',
             'id' => $cat_id,
-            'data' => "<li id='category-$cat_id'><label for='in-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='post_category[]' id='in-category-$cat_id'/> $cat_name</label></li>"
+            'data' => "<li id='category-$cat_id'><label for='in-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='post_category[]' id='in-category-$cat_id'/> $cat_name</label></li>",
+            'position' => -1
         ) );
     }
@@ -127 +131 @@
     break;
 case 'add-link-category' : // On the Fly
+    check_ajax_referer( $action );
     if ( !current_user_can( 'manage_categories' ) )
         die('-1');
@@ -137 +142 @@
         if ( !$cat_id = is_term( $cat_name, 'link_category' ) ) {
             $cat_id = wp_insert_term( $cat_name, 'link_category' );
-            $cat_id = $cat_id['term_id'];
         }
+        $cat_id = $cat_id['term_id'];
         $cat_name = wp_specialchars(stripslashes($cat_name));
         $x->add( array(
             'what' => 'link-category',
             'id' => $cat_id,
-            'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>"
+            'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>",
+            'position' => -1
         ) );
     }
@@ -149 +155 @@
     break;
 case 'add-cat' : // From Manage->Categories
+    check_ajax_referer( 'add-category' );
     if ( !current_user_can( 'manage_categories' ) )
         die('-1');
@@ -156 +163 @@
         die('0');
     $level = 0;
-    $cat_full_name = $cat->cat_name;
+    $cat_full_name = $cat->name;
     $_cat = $cat;
-    while ( $_cat->category_parent ) {
-        $_cat = get_category( $_cat->category_parent );
-        $cat_full_name = $_cat->cat_name . ' &#8212; ' . $cat_full_name;
+    while ( $_cat->parent ) {
+        $_cat = get_category( $_cat->parent );
+        $cat_full_name = $_cat->name . ' &#8212; ' . $cat_full_name;
         $level++;
     }
@@ -167 +174 @@
     $x = new WP_Ajax_Response( array(
         'what' => 'cat',
-        'id' => $cat->cat_ID,
+        'id' => $cat->term_id,
         'data' => _cat_row( $cat, $level, $cat_full_name ),
-        'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category <a href="#%s">%s</a> added' ), "cat-$cat->cat_ID", $cat_full_name))
+        'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category <a href="#%s">%s</a> added' ), "cat-$cat->term_id", $cat_full_name))
     ) );
     $x->send();
     break;
 case 'add-comment' :
+    check_ajax_referer( $action );
     if ( !current_user_can( 'edit_post', $id ) )
         die('-1');
     $search = isset($_POST['s']) ? $_POST['s'] : false;
-    $start = isset($_POST['page']) ? intval($_POST['page']) * 25 : 25;
+    $start = isset($_POST['page']) ? intval($_POST['page']) * 25 - 1: 24;
 
     list($comments, $total) = _wp_get_comment_list( $search, $start, 1 );
@@ -199 +207 @@
     break;
 case 'add-meta' :
-    if ( !current_user_can( 'edit_post', $id ) )
-        die('-1');
-    if ( $id < 0 ) {
-        $now = current_time('timestamp', 1);
-        if ( $pid = wp_insert_post( array(
-            'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now))
-        ) ) ) {
-            if ( is_wp_error( $pid ) )
-                return $pid;
-            $mid = add_meta( $pid );
+    check_ajax_referer( 'change_meta' );
+    $c = 0;
+    $pid = (int) $_POST['post_id'];
+    if ( isset($_POST['addmeta']) ) {
+        if ( !current_user_can( 'edit_post', $pid ) )
+            die('-1');
+        if ( $pid < 0 ) {
+            $now = current_time('timestamp', 1);
+            if ( $pid = wp_insert_post( array(
+                'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now))
+            ) ) ) {
+                if ( is_wp_error( $pid ) ) {
+                    $x = new WP_Ajax_Response( array(
+                        'what' => 'meta',
+                        'data' => $pid
+                    ) );
+                    $x->send();
+                }
+                $mid = add_meta( $pid );
+            } else {
+                die('0');
+            }
+        } else if ( !$mid = add_meta( $pid ) ) {
+            die('0');
         }
-        else
-            die('0');
-    } else if ( !$mid = add_meta( $id ) ) {
-        die('0');
-    }
-
-    $meta = get_post_meta_by_id( $mid );
-    $key = $meta->meta_key;
-    $value = $meta->meta_value;
-    $pid = (int) $meta->post_id;
-
-    $x = new WP_Ajax_Response( array(
-        'what' => 'meta',
-        'id' => $mid,
-        'data' => wp_ajax_meta_row( $pid, $mid, $key, $value ),
-        'supplemental' => array('postid' => $pid)
-    ) );
-    $x->send();
-    break;
-case 'update-meta' :
-    $mid = (int) array_pop(array_keys($_POST['meta']));
-    $key = $_POST['meta'][$mid]['key'];
-    $value = $_POST['meta'][$mid]['value'];
-    if ( !$meta = get_post_meta_by_id( $mid ) )
-        die('0'); // if meta doesn't exist
-    if ( !current_user_can( 'edit_post', $meta->post_id ) )
-        die('-1');
-    if ( $u = update_meta( $mid, $key, $value ) ) {
+
+        $meta = get_post_meta_by_id( $mid );
+        $pid = (int) $meta->post_id;
+        $meta = get_object_vars( $meta );
+        $x = new WP_Ajax_Response( array(
+            'what' => 'meta',
+            'id' => $mid,
+            'data' => _list_meta_row( $meta, $c ),
+            'position' => 1,
+            'supplemental' => array('postid' => $pid)
+        ) );
+    } else {
+        $mid = (int) array_pop(array_keys($_POST['meta']));
+        $key = $_POST['meta'][$mid]['key'];
+        $value = $_POST['meta'][$mid]['value'];
+        if ( !$meta = get_post_meta_by_id( $mid ) )
+            die('0'); // if meta doesn't exist
+        if ( !current_user_can( 'edit_post', $meta->post_id ) )
+            die('-1');
+        if ( !$u = update_meta( $mid, $key, $value ) )
+            die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems).
         $key = stripslashes($key);
         $value = stripslashes($value);
         $x = new WP_Ajax_Response( array(
             'what' => 'meta',
-            'id' => $mid,
-            'data' => wp_ajax_meta_row( $meta->post_id, $mid, $key, $value ),
+            'id' => $mid, 'old_id' => $mid,
+            'data' => _list_meta_row( array(
+                'meta_key' => $key,
+                'meta_value' => $value,
+                'meta_id' => $mid
+            ), $c ),
+            'position' => 0,
             'supplemental' => array('postid' => $meta->post_id)
         ) );
-        $x->send();
-    }
-    die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems).
+    }
+    $x->send();
     break;
 case 'add-user' :
+    check_ajax_referer( $action );
     if ( !current_user_can('edit_users') )
         die('-1');
@@ -262 +282 @@
     }
     $user_object = new WP_User( $user_id );
+
     $x = new WP_Ajax_Response( array(
         'what' => 'user',
         'id' => $user_id,
         'data' => user_row( $user_object ),
-        'supplemental' => array('show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login))
+        'supplemental' => array(
+            'show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login),
+            'role' => $user_object->roles[0]
+        )
     ) );
     $x->send();
     break;
 case 'autosave' : // The name of this action is hardcoded in edit_post()
+    check_ajax_referer( $action );
     $_POST['post_content'] = $_POST['content'];
     $_POST['post_excerpt'] = $_POST['excerpt'];
@@ -301 +326 @@
 break;
 case 'autosave-generate-nonces' :
+    check_ajax_referer( $action );
     $ID = (int) $_POST['post_ID'];
     if($_POST['post_type'] == 'post') {

trunk/wp-admin/categories.php

@@ -100 +100 @@
     </tr>
     </thead>
-    <tbody id="the-list">
+    <tbody id="the-list" class="list:cat">
 <?php
 cat_rows();

trunk/wp-admin/edit-category-form.php

@@ -10 +10 @@
     $heading = __('Add Category');
     $submit_text = __('Add Category »');
-    $form = '<form name="addcat" id="addcat" method="post" action="categories.php">';
+    $form = '<form name="addcat" id="addcat" method="post" action="categories.php" class="add:the-list:">';
     $action = 'addcat';
     $nonce_action = 'add-category';
@@ -44 +44 @@
         </tr>
     </table>
-<p class="submit"><input type="submit" name="submit" value="<?php echo $submit_text ?>" /></p>
+<p class="submit"><input type="submit" class="add:the-list:cat:addcat" name="submit" value="<?php echo $submit_text ?>" /></p>
 <?php do_action('edit_category_form', $category); ?>
 </form>

trunk/wp-admin/edit-comments.php

@@ -103 +103 @@
         $start = " start='$offset'";
 
-        echo "<ol id='the-comment-list' class='commentlist' $start>\n";
+        echo "<ol id='the-comment-list' class='list:comment commentlist' $start>\n";
         $i = 0;
         foreach ( $comments as $comment ) {
@@ -113 +113 @@
 if ( $extra_comments ) : ?>
 <div id="extra-comments" style="display:none">
-<ul id="the-extra-comment-list" class="commentlist">
+<ol id="the-extra-comment-list" class="list:comment commentlist" style="color:red">
 <?php
     foreach ( $extra_comments as $comment ) {
         get_comment( $comment ); // Cache it
-        _wp_comment_list_item( $comment->comment_ID, ++$i );
-    }
-?>
-</ul>
+        _wp_comment_list_item( $comment->comment_ID, 0 );
+    }
+?>
+</ol>
+<form action="" method="get" id="get-extra-comments" class="add:the-extra-comment-list:">
+<input type="hidden" name="page" value="<?php echo $page; ?>" />
+<input type="hidden" name="s" value="<?php echo attribute_escape(@$_GET['s']); ?>" />
+<?php wp_nonce_field( 'add-comment', '_ajax_nonce', false ); ?>
 </div>
 <?php endif; // $extra_comments ?>
@@ -150 +154 @@
     <th scope="col" colspan="3" style="text-align: center">' .  __('Actions') . '</th>
   </tr>
-</thead>';
+</thead>
+<tbody id="the-comment-list" class="list:comment">';
         foreach ($comments as $comment) {
         $post = get_post($comment->comment_post_ID);
@@ -160 +165 @@
   <tr id="comment-<?php echo $comment->comment_ID; ?>" class='<?php echo $class; ?>'>
     <td style="text-align: center"><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td>
-    <td><?php comment_author_link() ?></td>
+    <td class="comment-author"><?php comment_author_link() ?></td>
     <td><?php comment_author_email_link() ?></td>
     <td><a href="edit-comments.php?s=<?php comment_author_IP() ?>&amp;mode=edit"><?php comment_author_IP() ?></a></td>
@@ -174 +179 @@
     echo "<a href='comment.php?action=editcomment&amp;c=$comment->comment_ID' class='edit'>" .  __('Edit') . "</a>"; } ?></td>
     <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
-        echo "<a href=\"comment.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by '%s'. \n  'Cancel' to stop, 'OK' to delete."), $comment->comment_author ))  . "', theCommentList );\" class='delete'>" . __('Delete') . "</a> ";
+        $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) );
+        echo "<a href='$url' class='delete:the-comment-list:comment-$comment->comment_ID delete'>" . __('Delete') . "</a> ";
         } ?></td>
   </tr>
         <?php
         } // end foreach
-    ?></table>
+    ?></tbody>
+</table>
 <p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to delete")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to delete %s comments permanently \n  'Cancel' to stop, 'OK' to delete.")), "' + numchecked + '"); ?>')" />
             <input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to mark as spam")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to mark %s comments as spam \n  'Cancel' to stop, 'OK' to mark as spam.")), "' + numchecked + '"); ?>')" /></p>

trunk/wp-admin/edit-form-advanced.php

@@ -75 +75 @@
 <h3 class="dbx-handle"><?php _e('Categories') ?></h3>
 <div class="dbx-content">
-<p id="jaxcat"></p>
-<ul id="categorychecklist"><?php dropdown_categories(); ?></ul></div>
+<p id="jaxcat"><?php wp_nonce_field( 'add-category', '_ajax_nonce', false ); ?></p>
+<ul id="categorychecklist" class="list:category"><?php dropdown_categories(); ?></ul></div>
 </fieldset>
 

trunk/wp-admin/edit-link-form.php

@@ -43 +43 @@
 <h3 class="dbx-handle"><?php _e('Categories') ?></h3>
 <div class="dbx-content">
-<p id="jaxcat"></p>
-<ul id="linkcategorychecklist"><?php dropdown_link_categories(get_option('default_link_category')); ?></ul>
+<p id="jaxcat"><?php wp_nonce_field( 'add-link-category', '_ajax_nonce', false ); ?></p>
+<ul id="categorychecklist" class="list:link-category"><?php dropdown_link_categories(get_option('default_link_category')); ?></ul>
 </div>
 </fieldset>

trunk/wp-admin/edit-pages.php

@@ -3 +3 @@
 $title = __('Pages');
 $parent_file = 'edit.php';
-wp_enqueue_script( 'listman' );
+wp_enqueue_script( 'wp-lists' );
 require_once('admin-header.php');
 
@@ -21 +21 @@
 
 ?>
-
+<script>
+/* <![CDATA[ */
+jQuery(function($){$('#the-list').wpList();});
+/* ]]> */
+</script>
 <div class="wrap">
-
 <h2><?php
 // Use $_GET instead of is_ since they can override each other
@@ -82 +85 @@
   </tr>
   </thead>
-  <tbody id="the-list">
+  <tbody id="the-list" class="list:page">
 <?php page_rows(0, 0, $posts, $all); ?>
   </tbody>

trunk/wp-admin/edit-post-rows.php

@@ -9 +9 @@
     </tr>
     </thead>
-    <tbody id="the-list">
+    <tbody id="the-list" class="list:post">
 <?php
+$i_post = 0;
 if ( have_posts() ) {
 $bgcolor = '';
 add_filter('the_title','wp_specialchars');
-while (have_posts()) : the_post();
-$class = ('alternate' == $class) ? '' : 'alternate';
+while (have_posts()) : the_post(); $i_post++;
+if ( 16 == $i_post )
+    echo "\t</tbody>\n\t<tbody id='the-extra-list' class='list:post' style='color: red'>\n"; // Hack!
+$class = ( $i_post > 15 || 'alternate' == $class) ? '' : 'alternate';
 global $current_user;
 $post_owner = ( $current_user->ID == $post->post_author ? 'self' : 'other' );
@@ -91 +94 @@
     case 'control_delete':
         ?>
-        <td><?php if ( current_user_can('delete_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&amp;post=$id", 'delete-post_' . $post->ID) . "' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . js_escape(sprintf(__("You are about to delete this post '%s'.\n'OK' to delete, 'Cancel' to stop."), get_the_title())) . "' );\">" . __('Delete') . "</a>"; } ?></td>
+        <td><?php if ( current_user_can('delete_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&amp;post=$id", 'delete-post_' . $post->ID) . "' class='delete:the-list:post-$post->ID delete'>" . __('Delete') . "</a>"; } ?></td>
         <?php
         break;

trunk/wp-admin/edit.php

@@ -4 +4 @@
 $title = __('Posts');
 $parent_file = 'edit.php';
-wp_enqueue_script( 1 == $_GET['c'] ? 'admin-comments' : 'listman' );
+wp_enqueue_script( 'admin-posts' );
+if ( 1 == $_GET['c'] )
+    wp_enqueue_script( 'admin-comments' );
 require_once('admin-header.php');
 
-$_GET['m']   = (int) $_GET['m'];
-$_GET['cat'] = (int) $_GET['cat'];
-$post_stati  = array(   //  array( adj, noun )
-            'publish' => array(__('Published'), __('Published posts')),
-            'future' => array(__('Scheduled'), __('Scheduled posts')),
-            'pending' => array(__('Pending Review'), __('Pending posts')),
-            'draft' => array(__('Draft'), _c('Drafts|manage posts header')),
-            'private' => array(__('Private'), __('Private posts'))
-        );
-
-$avail_post_stati = $wpdb->get_col("SELECT DISTINCT post_status FROM $wpdb->posts WHERE post_type = 'post'");
-
-$post_status_q = '';
-$post_status_label = __('Posts');
-if ( isset($_GET['post_status']) && in_array( $_GET['post_status'], array_keys($post_stati) ) ) {
-    $post_status_label = $post_stati[$_GET['post_status']][1];
-    $post_status_q = '&post_status=' . $_GET['post_status'];
-}
+add_filter( 'post_limits', $limit_filter = create_function( '$a', '$b = split(" ",$a); if ( !isset($b[2]) ) return $a; $start = intval(trim($b[1])) / 20 * 15; if ( !is_int($start) ) return $a; return "LIMIT $start, 20";' ) );
+list($post_stati, $avail_post_stati) = wp_edit_posts_query();
+$wp_query->max_num_pages = ceil( $wp_query->found_posts / 15 ); // We grab 20 but only show 15 ( 5 more for ajax extra )
 ?>
 
@@ -31 +18 @@
 <?php
 
-if ( 'pending' === $_GET['post_status'] ) {
-    $order = 'ASC';
-    $orderby = 'modified';
-} elseif ( 'draft' === $_GET['post_status'] ) {
-    $order = 'DESC';
-    $orderby = 'modified';
-} else {
-    $order = 'DESC';
-    $orderby = 'date';
-}
-
-wp("what_to_show=posts$post_status_q&posts_per_page=15&order=$order&orderby=$orderby");
-
-// define the columns to display, the syntax is 'internal name' => 'display name'
-$posts_columns = array();
-$posts_columns['id'] = '<div style="text-align: center">' . __('ID') . '</div>';
-if ( 'draft' === $_GET['post_status'] )
-    $posts_columns['modified'] = __('Modified');
-elseif ( 'pending' === $_GET['post_status'] )
-    $posts_columns['modified'] = __('Submitted');
-else
-    $posts_columns['date'] = __('When');
-$posts_columns['title'] = __('Title');
-$posts_columns['categories'] = __('Categories');
-if ( !in_array($_GET['post_status'], array('pending', 'draft', 'future')) )
-    $posts_columns['comments'] = '<div style="text-align: center">' . __('Comments') . '</div>';
-$posts_columns['author'] = __('Author');
-
-$posts_columns = apply_filters('manage_posts_columns', $posts_columns);
-
-// you can not edit these at the moment
-$posts_columns['control_view']   = '';
-$posts_columns['control_edit']   = '';
-$posts_columns['control_delete'] = '';
+$posts_columns = wp_manage_posts_columns();
 
 ?>
@@ -155 +109 @@
     </fieldset>
     <input type="submit" id="post-query-submit" value="<?php _e('Filter &#187;'); ?>" class="button" />
+    <?php wp_nonce_field( 'add-post', '_ajax_nonce', false ); ?>
+    <input type="button" id="get-extra-button" class="add:the-extra-list:searchform" style="display:none" />
 </form>
 

trunk/wp-admin/includes/post.php

@@ -469 +469 @@
 }
 
+function wp_edit_posts_query( $q = '_GET' ) {
+    global $wpdb;
+    $$q['m']   = (int) $$q['m'];
+    $$q['cat'] = (int) $$q['cat'];
+    $post_stati  = array(   //  array( adj, noun )
+                'draft' => array(__('Draft'), _c('Drafts|manage posts header')),
+                'future' => array(__('Scheduled'), __('Scheduled posts')),
+                'pending' => array(__('Pending Review'), __('Pending posts')),
+                'private' => array(__('Private'), __('Private posts')),
+                'publish' => array(__('Published'), __('Published posts'))
+            );
+
+    $avail_post_stati = $wpdb->get_col("SELECT DISTINCT post_status FROM $wpdb->posts WHERE post_type = 'post'");
+
+    $post_status_q = '';
+    $post_status_label = _c('Posts|manage posts header');
+    if ( isset($$q['post_status']) && in_array( $$q['post_status'], array_keys($post_stati) ) ) {
+        $post_status_label = $post_stati[$$q['post_status']][1];
+        $post_status_q = '&post_status=' . $$q['post_status'];
+    }
+
+    if ( 'pending' === $$q['post_status'] ) {
+        $order = 'ASC';
+        $orderby = 'modified';
+    } elseif ( 'draft' === $$q['post_status'] ) {
+        $order = 'DESC';
+        $orderby = 'modified';
+    } else {
+        $order = 'DESC';
+        $orderby = 'date';
+    }
+
+    wp("what_to_show=posts$post_status_q&posts_per_page=20&order=$order&orderby=$orderby");
+
+    return array($post_stati, $avail_post_stati);
+}
+
 ?>

trunk/wp-admin/includes/template.php

@@ -42 +42 @@
 
         if ( $category->term_id != $default_cat_id )
-            $edit .= "<td><a href='" . wp_nonce_url( "categories.php?action=delete&amp;cat_ID=$category->term_id", 'delete-category_' . $category->term_id ) . "' onclick=\"return deleteSomething( 'cat', $category->term_id, '" . js_escape(sprintf( __("You are about to delete the category '%s'.\nAll posts that were only assigned to this category will be assigned to the '%s' category.\nAll links that were only assigned to this category will be assigned to the '%s' category.\n'OK' to delete, 'Cancel' to stop." ), $category->name, get_catname( $default_cat_id ), get_catname( $default_link_cat_id ) )) . "' );\" class='delete'>".__( 'Delete' )."</a>";
+            $edit .= "<td><a href='" . wp_nonce_url( "categories.php?action=delete&amp;cat_ID=$category->term_id", 'delete-category_' . $category->term_id ) . "' class='delete:the-list:cat-$category->term_id delete'>".__( 'Delete' )."</a>";
         else
             $edit .= "<td style='text-align:center'>".__( "Default" );
@@ -165 +165 @@
 }
 
+// define the columns to display, the syntax is 'internal name' => 'display name'
+function wp_manage_posts_columns() {
+    $posts_columns = array();
+    $posts_columns['id'] = '<div style="text-align: center">' . __('ID') . '</div>';
+    if ( 'draft' === $_GET['post_status'] )
+        $posts_columns['modified'] = __('Modified');
+    elseif ( 'pending' === $_GET['post_status'] )
+        $posts_columns['modified'] = __('Submitted');
+    else
+        $posts_columns['date'] = __('When');
+    $posts_columns['title'] = __('Title');
+    $posts_columns['categories'] = __('Categories');
+    if ( !in_array($_GET['post_status'], array('pending', 'draft', 'future')) )
+        $posts_columns['comments'] = '<div style="text-align: center">' . __('Comments') . '</div>';
+    $posts_columns['author'] = __('Author');
+    $posts_columns = apply_filters('manage_posts_columns', $posts_columns);
+
+    // you can not edit these at the moment
+    $posts_columns['control_view']   = '';
+    $posts_columns['control_edit']   = '';
+    $posts_columns['control_delete'] = '';
+
+    return $posts_columns;
+}
+
 function page_rows( $parent = 0, $level = 0, $pages = 0, $hierarchy = true ) {
     global $wpdb, $class, $post;
@@ -191 +216 @@
     <td><?php the_author() ?></td>
     <td><?php if ( '0000-00-00 00:00:00' ==$post->post_modified ) _e('Unpublished'); else echo mysql2date( __('Y-m-d g:i a'), $post->post_modified ); ?></td>
-    <td><a href="<?php the_permalink(); ?>" rel="permalink" class="view"><?php _e( 'View' ); ?></a></td>
+    <td><a href="<?php the_permalink(); ?>" rel="permalink" class="view"><?php _e( 'View' ); ?></a></td>
     <td><?php if ( current_user_can( 'edit_page', $id ) ) { echo "<a href='page.php?action=edit&amp;post=$id' class='edit'>" . __( 'Edit' ) . "</a>"; } ?></td>
-    <td><?php if ( current_user_can( 'delete_page', $id ) ) { echo "<a href='" . wp_nonce_url( "page.php?action=delete&amp;post=$id", 'delete-page_' . $id ) .  "' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . js_escape(sprintf( __("You are about to delete the '%s' page.\n'OK' to delete, 'Cancel' to stop." ), get_the_title() ) ) . "' );\">" . __( 'Delete' ) . "</a>"; } ?></td>
+    <td><?php if ( current_user_can( 'delete_page', $id ) ) { echo "<a href='" . wp_nonce_url( "page.php?action=delete&amp;post=$id", 'delete-page_' . $id ) .  "' class='delete:the-list:page-$id delete'>" . __( 'Delete' ) . "</a>"; } ?></td>
   </tr>
 
@@ -263 +288 @@
 function _wp_comment_list_item( $id, $alt = 0 ) {
     global $authordata, $comment, $wpdb;
-    $id = (int) $id;
     $comment =& get_comment( $id );
+    $id = (int) $comment->comment_ID;
     $class = '';
     $post = get_post($comment->comment_post_ID);
     $authordata = get_userdata($post->post_author);
-    $comment_status = wp_get_comment_status($comment->comment_ID);
+    $comment_status = wp_get_comment_status($id);
     if ( 'unapproved' == $comment_status )
         $class .= ' unapproved';
     if ( $alt % 2 )
         $class .= ' alternate';
-    echo "<li id='comment-$comment->comment_ID' class='$class'>";
-?>
-<p><strong><?php comment_author(); ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
+    echo "<li id='comment-$id' class='$class'>";
+?>
+<p><strong class="comment-author"><?php comment_author(); ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
 
 <?php comment_text() ?>
@@ -282 +307 @@
 <?php
 if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
-    echo " <a href='comment.php?action=editcomment&amp;c=".$comment->comment_ID."'>" .  __('Edit') . '</a>';
-    echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
+    echo " <a href='comment.php?action=editcomment&amp;c=$id'>" .  __('Edit') . '</a>';
+    $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$id", "delete-comment_$id" ) );
+    echo " | <a href='$url' class='delete:the-comment-list:comment-$id'>" . __('Delete') . '</a> ';
     if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
-        echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>';
-        echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>';
-    }
-    echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author))  . "', theCommentList );\">" . __('Spam') . "</a> ";
+        $url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$comment->comment_post_ID&c=$id", "unapprove-comment_$id" ) );
+        echo "<span class='unapprove'> | <a href='$url' class='dim:the-comment-list:comment-$id:unapproved:FF3333'>" . __('Unapprove') . '</a> </span>';
+        $url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&p=$comment->comment_post_ID&c=$id", "approve-comment_$id" ) );
+        echo "<span class='approve'> | <a href='$url' class='dim:the-comment-list:comment-$id:unapproved:FFFF33:FFFF33'>" . __('Approve') . '</a> </span>';
+    }
+    $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$comment->comment_post_ID&c=$id", "delete-comment_$id" ) );
+    echo " | <a href='$url' class='delete:the-comment-list:comment-$id::spam=1'>" . __('Spam') . '</a> ';
 }
 $post = get_post($comment->comment_post_ID, OBJECT, 'display');
@@ -325 +354 @@
     // Exit if no meta
     if (!$meta ) {
-        echo '<tbody id="the-list"><tr style="display: none;"><td>&nbsp;</td></tr></tbody>'; //TBODY needed for list-manipulation JS
+        echo '<tbody id="the-list" class="list:meta"><tr style="display: none;"><td>&nbsp;</td></tr></tbody>'; //TBODY needed for list-manipulation JS
         return;
     }
@@ -337 +366 @@
     </tr>
     </thead>
-<?php
-    $r ="\n\t<tbody id='the-list'>";
-    foreach ( $meta as $entry ) {
-        ++ $count;
-        if ( $count % 2 )
-            $style = 'alternate';
-        else
-            $style = '';
-        if ('_' == $entry['meta_key'] { 0 } )
-            $style .= ' hidden';
-
-        if ( is_serialized( $entry['meta_value'] ) ) {
-            if ( is_serialized_string( $entry['meta_value'] ) ) {
-                // this is a serialized string, so we should display it
-                $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] );
-            } else {
-                // this is a serialized array/object so we should NOT display it
-                --$count;
-                continue;
-            }
-        }
-
-        $key_js = js_escape( $entry['meta_key'] );
-        $entry['meta_key']   = attribute_escape($entry['meta_key']);
-        $entry['meta_value'] = attribute_escape($entry['meta_value']);
-        $entry['meta_id'] = (int) $entry['meta_id'];
-        $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>";
-        $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>";
-        $r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>";
-        $r .= "\n\t\t<td align='center'><input name='updatemeta' type='submit' class='updatemeta' tabindex='6' value='".attribute_escape(__( 'Update' ))."' /><br />";
-        $r .= "\n\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' onclick=\"return deleteSomething( 'meta', {$entry['meta_id']}, '";
-        $r .= js_escape(sprintf( __("You are about to delete the '%s' custom field on this post.\n'OK' to delete, 'Cancel' to stop." ), $key_js ) );
-        $r .= "' );\" class='deletemeta' tabindex='6' value='".attribute_escape(__( 'Delete' ))."' /></td>";
-        $r .= "\n\t</tr>";
-    }
-    echo $r;
+    <tbody id='the-list' class='list:meta'>
+<?php
+    foreach ( $meta as $entry )
+        echo _list_meta_row( $entry, $count );
     echo "\n\t</tbody>";
+}
+
+function _list_meta_row( $entry, &$count ) {
+    $r = '';
+    ++ $count;
+    if ( $count % 2 )
+        $style = 'alternate';
+    else
+        $style = '';
+    if ('_' == $entry['meta_key'] { 0 } )
+        $style .= ' hidden';
+
+    if ( is_serialized( $entry['meta_value'] ) ) {
+        if ( is_serialized_string( $entry['meta_value'] ) ) {
+            // this is a serialized string, so we should display it
+            $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] );
+        } else {
+            // this is a serialized array/object so we should NOT display it
+            --$count;
+            return;
+        }
+    }
+
+    $key_js = js_escape( $entry['meta_key'] );
+    $entry['meta_key']   = attribute_escape($entry['meta_key']);
+    $entry['meta_value'] = attribute_escape($entry['meta_value']);
+    $entry['meta_id'] = (int) $entry['meta_id'];
+    $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>";
+    $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>";
+    $r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>";
+    $r .= "\n\t\t<td align='center'><input name='updatemeta' type='submit' tabindex='6' value='".attribute_escape(__( 'Update' ))."' class='add:the-list:meta-{$entry['meta_id']} updatemeta' /><br />";
+    $r .= "\n\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' ";
+    $r .= "class='delete:the-list:meta-{$entry['meta_id']} deletemeta' tabindex='6' value='".attribute_escape(__( 'Delete' ))."' />";
+    $r .= "<input type='hidden' name='_ajax_nonce' value='$nonce' />";
+    $r .= "</td>\n\t</tr>";
+    return $r;
 }
 
@@ -414 +447 @@
     </tr>
 
+<tr class="submit"><td colspan="3">
+    <?php wp_nonce_field( 'change_meta', '_ajax_nonce', false ); ?>
+    <input type="submit" id="addmetasub" name="addmeta" class="add:the-list:newmeta" tabindex="9" value="<?php _e( 'Add Custom Field &raquo;' ) ?>" />
+</td></tr>
 </table>
-<p class="submit"><input type="submit" id="updatemetasub" name="updatemeta" tabindex="9" value="<?php _e( 'Add Custom Field &raquo;' ) ?>" /></p>
 <?php
 

trunk/wp-admin/js/cat.js

@@ -1 @@
-addLoadEvent(function(){catList=new listMan('categorychecklist');catList.ajaxRespEl='jaxcat';catList.topAdder=1;catList.alt=0;catList.showLink=0;});
-addLoadEvent(newCatAddIn);
-function newCatAddIn() {
-    var jaxcat = $('jaxcat');
-    if ( !jaxcat )
-        return false;
-    // These multiple blank hidden inputs are needed: https://bugzilla.mozilla.org/show_bug.cgi?id=377815 , #3895 , #4664
-    Element.update(jaxcat,'<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="' + catL10n.add + '"/><input type="hidden"/><input type="hidden"/><span id="howto">' + catL10n.how + '</span></span>');
-    $('newcat').onkeypress = function(e) { return killSubmit("catList.ajaxAdder('category','jaxcat');", e); };
-    $('catadd').onclick = function() { catList.ajaxAdder('category', 'jaxcat'); };
-}
+jQuery( function($) {
+    $('#jaxcat').prepend('<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" class="add:categorychecklist:jaxcat" id="catadd" value="' + catL10n.add + '"/><input type="hidden"/><input type="hidden"/><span id="howto">' + catL10n.how + '</span></span><span id="cat-ajax-response"></span>')
+    var a = $('#categorychecklist').wpList( { alt: '', response: 'cat-ajax-response' } );
+} );

trunk/wp-admin/js/categories.js

@@ -1 @@
-addLoadEvent(function() {
-    if (!theList.theList) return false;
-    document.forms.addcat.submit.onclick = function(e) {return killSubmit('theList.ajaxAdder("cat", "addcat");', e); };
-    theList.addComplete = function(what, where, update, transport) {
-        var name = getNodeValue(transport.responseXML, 'name').unescapeHTML();
-        var id = transport.responseXML.getElementsByTagName(what)[0].getAttribute('id');
-        var options = document.forms['addcat'].category_parent.options;
+jQuery(function($) {
+    var options = document.forms['addcat'].category_parent.options;
+
+    var addAfter = function( r, settings ) {
+        var name = $("<span>" + $('name', r).text() + "</span>").html();
+        var id = $('cat', r).attr('id');
         options[options.length] = new Option(name, id);
-    };
-    theList.delComplete = function(what, id) {
-        var options = document.forms['addcat'].category_parent.options;
+    }
+
+    var delAfter = function( r, settings ) {
+        var id = $('cat', r).attr('id');
         for ( var o = 0; o < options.length; o++ )
             if ( id == options[o].value )
                 options[o] = null;
-    };
+    }
+
+    var a = $('#the-list').wpList( { addAfter: addAfter, delAfter: delAfter } );
 });

trunk/wp-admin/js/custom-fields.js

@@ -1 @@
-function customFieldsOnComplete( what, where, update, transport ) {
-    var pidEl = $('post_ID');
-    pidEl.name = 'post_ID';
-    pidEl.value = getNodeValue(transport.responseXML, 'postid');
-    var aEl = $('hiddenaction')
-    if ( aEl.value == 'post' ) aEl.value = 'postajaxpost';
-}
-addLoadEvent(customFieldsAddIn);
-function customFieldsAddIn() {
-    theList.showLink=0;
-    theList.addComplete = customFieldsOnComplete;
-    if (!theList.theList) return false;
-    inputs = theList.theList.getElementsByTagName('input');
-    for ( var i=0; i < inputs.length; i++ ) {
-        if ('text' == inputs[i].type) {
-            inputs[i].setAttribute('autocomplete', 'off');
-            inputs[i].onkeypress = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.name.slice(5),10) + '");', e); };
-        }
-        if ('updatemeta' == inputs[i].className) {
-            inputs[i].onclick = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.parentNode.parentNode.id.slice(5),10) + '");', e); };
-        }
+jQuery( function($) {
+    var before = function() {
+        var nonce = $('#newmeta [@name=_ajax_nonce]').val();
+        var postId = $('#post_ID').val();
+        if ( !nonce || !postId ) { return false; }
+        return [nonce,postId];
     }
 
-    $('metakeyinput').onkeypress = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); };
-    $('updatemetasub').onclick = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); };
-}
+    var addBefore = function( s ) {
+        var b = before();
+        if ( !b ) { return false; }
+        s.data = s.data.replace(/_ajax_nonce=[a-f0-9]+/, '_ajax_nonce=' + b[0]) + '&post_id=' + b[1];
+        return s;
+    };
+
+    var addAfter = function( r, s ) {
+        var postId = $('postid', r).text();
+        if ( !postId ) { return; }
+        $('#post_ID').attr( 'name', 'post_ID' ).val( postId );
+        var h = $('#hiddenaction');
+        if ( 'post' == h.val() ) { h.val( 'postajaxpost' ); }
+    };
+
+    var delBefore = function( s ) {
+        var b = before(); if ( !b ) return false;
+        s.data._ajax_nonce = b[0]; s.data.post_id = b[1];
+        return s;
+    }
+
+    $('#the-list')
+        .wpList( { addBefore: addBefore, addAfter: addAfter, delBefore: delBefore } )
+        .find('.updatemeta, .deletemeta').attr( 'type', 'button' );
+} );

trunk/wp-admin/js/edit-comments.js

@@ -1 @@
-addLoadEvent(function() {
-    theCommentList = new listMan('the-comment-list');
-    if ( !theCommentList )
-        return false;
+var list; var extra;
+jQuery(function($) {
 
-    theExtraCommentList = new listMan('the-extra-comment-list');
-    if ( theExtraCommentList ) {
-        theExtraCommentList.showLink = 0;
-        theExtraCommentList.altOffset = 1;
-        if ( theExtraCommentList.theList && theExtraCommentList.theList.childNodes )
-            var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length;
-        else
-            var commentNum = 0;
-        var urlQ   = document.location.href.split('?');
-        var params = urlQ[1] ? urlQ[1].toQueryParams() : [];
-        var search = params['s'] ? params['s'] : '';
-        var page   = params['apage'] ? params['apage'] : 1;
+var dimAfter = function( r, settings ) {
+    var a = $('#awaitmod');
+    a.html( parseInt(a.html(),10) + ( $('#' + settings.element).is('.' + settings.dimClass) ? 1 : -1 ) );
+}
+
+var delAfter = function( r, settings ) {
+    var a = $('#awaitmod');
+    if ( $('#' + settings.element).is('.unapproved') && parseInt(a.html(),10) > 0 ) {
+        a.html( parseInt(a.html(),10) - 1 );
     }
 
-    theCommentList.dimComplete = function(what,id,dimClass) {
-        var m = document.getElementById('awaitmod');
-        if ( document.getElementById(what + '-' + id).className.match(dimClass) )
-            m.innerHTML = parseInt(m.innerHTML,10) + 1;
-        else
-            m.innerHTML = parseInt(m.innerHTML,10) - 1;
+    if ( extra.size() == 0 || extra.children().size() == 0 ) {
+        return;
     }
 
-    theCommentList.delComplete = function(what,id) {
-        var m = document.getElementById('awaitmod');
-        what = what.split('-')[0];
-        if ( document.getElementById(what + '-' + id).className.match('unapproved') )
-            m.innerHTML = parseInt(m.innerHTML,10) - 1;
-        if ( theExtraCommentList && commentNum ) {
-            var theMover = theExtraCommentList.theList.childNodes[0];
-            Element.removeClassName(theMover,'alternate');
-            theCommentList.theList.appendChild(theMover);
-            theExtraCommentList.inputData += '&page=' + page;
-            if ( search )
-                theExtraCommentList.inputData += '&s=' + search; // trust the URL not the search box
-            theExtraCommentList.addComplete = function() {
-                if ( theExtraCommentList.theList.childNodes )
-                    var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length;
-                else
-                    var commentNum = 0;
-            }
-            theExtraCommentList.ajaxAdder( 'comment', 'ajax-response' ); // Dummy Request
-        }
-    }
+    list[0].wpList.add( extra.children(':eq(0)').remove().clone() );
+    $('#get-extra-comments').submit();
+}
 
-    if ( theList ) // the post list: edit.php
-        theList.delComplete = function() {
-            var comments = document.getElementById('comments');
-            var commdel = encloseFunc(function(a){a.parentNode.removeChild(a);},comments);
-            var listdel = encloseFunc(function(a){a.parentNode.removeChild(a);},theCommentList.theList);
-            setTimeout(commdel,705);
-            setTimeout(listdel,705);
-        }
-});
+extra = $('#the-extra-comment-list').wpList( { alt: '', delColor: 'none', addColor: 'none' } );
+list = $('#the-comment-list').wpList( { dimAfter : dimAfter, delAfter : delAfter, addColor: 'none' } );
 
+} );

trunk/wp-admin/js/link-cat.js

@@ -1 @@
-addLoadEvent(function(){linkcatList=new listMan('linkcategorychecklist');linkcatList.ajaxRespEl='jaxcat';linkcatList.topAdder=1;linkcatList.alt=0;linkcatList.showLink=0;});
-addLoadEvent(newLinkCatAddIn);
-function newLinkCatAddIn() {
-    var jaxcat = $('jaxcat');
-    if ( !jaxcat )
-        return false;
-    Element.update(jaxcat,'<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="' + linkcatL10n.add + '"/><input type="hidden"/><span id="howto">' + linkcatL10n.how + '</span></span>');
-    $('newcat').onkeypress = function(e) { return killSubmit("linkcatList.ajaxAdder('link-category','jaxcat');", e); };
-    $('catadd').onclick = function() { linkcatList.ajaxAdder('link-category', 'jaxcat'); };
-}

trunk/wp-admin/js/users.js

@@ -1 @@
-addLoadEvent(function() {
-    theListEls = document.getElementsByTagName('tbody');
-    theUserLists = new Array();
-    for ( var l = 0; l < theListEls.length; l++ ) {
-        if ( theListEls[l].id )
-            theUserLists[theListEls[l].id] = new listMan(theListEls[l].id);
-    }
-    addUserInputs = document.getElementById('adduser').getElementsByTagName('input');
-    for ( var i = 0; i < addUserInputs.length; i++ ) {
-        addUserInputs[i].onkeypress = function(e) { return killSubmit('addUserSubmit();', e); }
-    }
-    document.getElementById('addusersub').onclick = function(e) { return killSubmit('addUserSubmit();', e); }
-}
-);
+jQuery( function($) {
+    var userLists; var list; var addBefore; var addAfter;
 
-function addUserSubmit() {
-    var roleEl = document.getElementById('role');
-    var role = roleEl.options[roleEl.selectedIndex].value;
-    if ( !theUserLists['role-' + role] ) return true;
-    return theUserLists['role-' + role].ajaxAdder('user', 'adduser');
-}
+    addBefore = function( s ) {
+        if ( $( '#role-' + $('#role').val() ).size() )
+            return s;
+        return false;
+    };
+
+    addAfter = function( r, s ) {
+        var roleTable = $( '#role-' + $('role', r).text() );
+
+        var e = $('#user-' + $('user', r).attr('id') );
+        if ( !roleTable.size() ) { return; }
+        if ( !e.size() ) { return; }
+
+        roleTable[0].wpList.add(e.remove().clone());
+    };  
+
+    userLists = $('.user-list').wpList();
+    list = $('#user-list').wpList( { addBefore: addBefore, addAfter: addAfter } );
+} );

trunk/wp-admin/link-add.php

@@ -14 +14 @@
 wp_enqueue_script( array('xfn', 'dbx-admin-key?pagenow=link.php') );
 if ( current_user_can( 'manage_categories' ) )
-    wp_enqueue_script( 'ajaxlinkcat' );
+    wp_enqueue_script( 'ajaxcat' );
 require('admin-header.php');
 ?>

trunk/wp-admin/link-manager.php

@@ -7 +7 @@
 require_once ('admin.php');
 
-wp_enqueue_script( 'listman' );
+wp_enqueue_script( 'wp-lists' );
 
 wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
@@ -47 +47 @@
 ?>
 <script type="text/javascript">
-<!--
+/* <![CDATA[ */
 function checkAll(form)
 {
@@ -59 +59 @@
     }
 }
-//-->
+
+jQuery(function($){$('#the-list').wpList();});
+
+/* ]]> */
 </script>
 
@@ -129 +132 @@
     </tr>
     </thead>
-    <tbody id="the-list">
+    <tbody id="the-list" class="list:link">
 <?php
     foreach ($links as $link) {
@@ -177 +180 @@
                     break;
                 case 'action':
-                    echo '<td><a href="link.php?link_id='.$link->link_id.'&amp;action=edit" class="edit">'.__('Edit').'</a></td>';
-                    echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." onclick=\"return deleteSomething( 'link', $link->link_id , '".js_escape(sprintf(__("You are about to delete the '%s' link to %s.\n'Cancel' to stop, 'OK' to delete."), $link->link_name, $link->link_url )).'\' );" class="delete">'.__('Delete').'</a></td>';
+                    echo "<td><a href='link.php?link_id=$link->link_id&amp;action=edit' class='edit'>" . __('Edit') . '</a></td>';
+                    echo "<td><a href='" . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . "' class='delete:the-list:link-$link->link_id delete'>" . __('Delete') . '</a></td>';
                     break;
                 default:

trunk/wp-admin/page.php

@@ -108 +108 @@
         if ($_POST['save']) {
             $location = "page.php?action=edit&post=$page_ID";
-        } elseif ($_POST['updatemeta']) {
-            $location = wp_get_referer() . '&message=2#postcustom';
+        } elseif ($_POST['addemeta']) {
+            $location = add_query_arg( 'message', 2, wp_get_referer() );
+            $location = explode('#', $location);
+            $location = $location[0] . '#postcustom';
         } elseif ($_POST['deletemeta']) {
-            $location = wp_get_referer() . '&message=3#postcustom';
+            $location = add_query_arg( 'message', 3, wp_get_referer() );
+            $location = explode('#', $location);
+            $location = $location[0] . '#postcustom';
         } elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) {
             $location = $_POST['referredby'];

trunk/wp-admin/post.php

@@ -122 +122 @@
         if ($_POST['save']) {
             $location = "post.php?action=edit&post=$post_ID";
-        } elseif ($_POST['updatemeta']) {
-            $location = wp_get_referer() . '&message=2#postcustom';
+        } elseif ($_POST['addemeta']) {
+            $location = add_query_arg( 'message', 2, wp_get_referer() );
+            $location = explode('#', $location);
+            $location = $location[0] . '#postcustom';
         } elseif ($_POST['deletemeta']) {
-            $location = wp_get_referer() . '&message=3#postcustom';
+            $location = add_query_arg( 'message', 3, wp_get_referer() );
+            $location = explode('#', $location);
+            $location = $location[0] . '#postcustom';
         } elseif (!empty($referredby) && $referredby != $referer) {
             $location = $_POST['referredby'];

trunk/wp-admin/users.php

@@ -394 +394 @@
 </tr>
 </tbody>
-<tbody id="role-<?php echo $role; ?>"><?php
+<tbody id="role-<?php echo $role; ?>" class="list:user user-list"><?php
 $style = '';
 foreach ( (array) $roleclass as $user_object ) {
@@ -457 +457 @@
         echo '<p>' . sprintf(__('Users cannot currently <a href="%1$s">register themselves</a>, but you can manually create users here.'), get_option('siteurl').'/wp-admin/options-general.php#users_can_register') . '</p>';
 ?>
-<form action="#add-new-user" method="post" name="adduser" id="adduser">
+<form action="#add-new-user" method="post" name="adduser" id="adduser" class="add:user-list:">
 <?php wp_nonce_field('add-user') ?>
 <table class="editform" width="100%" cellspacing="2" cellpadding="5">
@@ -508 +508 @@
 </form>
 
+<table style="color:red">
+<tbody id="user-list" class="list:user">
+</tbody>
+</table>
+
 </div>
 </div>

trunk/wp-admin/wp-admin.css

@@ -820 +820 @@
 }
 
+#postcustom table #addmetasub {
+    width: auto;
+}
+
 #poststuff {
     margin-right: 16em;

trunk/wp-includes/classes.php

@@ -697 +697 @@
             'what' => 'object', 'action' => false,
             'id' => '0', 'old_id' => false,
+            'position' => 1, // -1 = top, 1 = bottom, html ID = after, -html ID = before
             'data' => '', 'supplemental' => array()
         );
@@ -702 +703 @@
         $r = wp_parse_args( $args, $defaults );
         extract( $r, EXTR_SKIP );
+        $postition = preg_replace( '/[^a-z0-9:_-]/i', '', $position );
 
         if ( is_wp_error($id) ) {
@@ -725 +727 @@
         $x = '';
         $x .= "<response action='{$action}_$id'>"; // The action attribute in the xml output is formatted like a nonce action
-        $x .=   "<$what id='$id'" . ( false !== $old_id ? "old_id='$old_id'>" : '>' );
+        $x .=   "<$what id='$id' " . ( false === $old_id ? '' : "old_id='$old_id' " ) . "position='$position'>";
         $x .=       $response;
         $x .=       $s;

trunk/wp-includes/pluggable.php

@@ -347 +347 @@
 
 if ( !function_exists('check_ajax_referer') ) :
-function check_ajax_referer() {
-    $current_name = '';
-    if ( ( $current = wp_get_current_user() ) && $current->ID )
-        $current_name = $current->data->user_login;
-    if ( !$current_name )
-        die('-1');
-
-    $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie
-    foreach ( $cookie as $tasty ) {
-        if ( false !== strpos($tasty, USER_COOKIE) )
-            $user = substr(strstr($tasty, '='), 1);
-        if ( false !== strpos($tasty, PASS_COOKIE) )
-            $pass = substr(strstr($tasty, '='), 1);
-    }
-
-    if ( $current_name != $user || !wp_login( $user, $pass, true ) )
-        die('-1');
+function check_ajax_referer( $action = -1 ) {
+    $nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce'];
+    if ( !wp_verify_nonce( $nonce, $action ) ) {
+        $current_name = '';
+        if ( ( $current = wp_get_current_user() ) && $current->ID )
+            $current_name = $current->data->user_login;
+        if ( !$current_name )
+            die('-1');
+
+        $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie
+        foreach ( $cookie as $tasty ) {
+            if ( false !== strpos($tasty, USER_COOKIE) )
+                $user = substr(strstr($tasty, '='), 1);
+            if ( false !== strpos($tasty, PASS_COOKIE) )
+                $pass = substr(strstr($tasty, '='), 1);
+        }
+
+        if ( $current_name != $user || !wp_login( $user, $pass, true ) )
+            die('-1');
+    }
     do_action('check_ajax_referer');
 }

trunk/wp-includes/script-loader.php

@@ -60 +60 @@
             'jumpText' => __('Jump to new item'),
             'delText' => __('Are you sure you want to delete this %thing%?')
+        ) );
+
+        $this->add( 'wp-lists', '/wp-includes/js/wp-lists.js', array('jquery'), '20070823' );
+        $this->localize( 'wp-lists', 'wpListL10n', array(
+            'url' => get_option( 'siteurl' ) . '/wp-admin/admin-ajax.php'
         ) );
 
@@ -106 +111 @@
                 ) );
             }
-            $this->add( 'ajaxcat', '/wp-admin/js/cat.js', array('listman'), '20070724' );
+            $this->add( 'ajaxcat', '/wp-admin/js/cat.js', array( 'wp-lists' ), '20070823' );
             $this->localize( 'ajaxcat', 'catL10n', array(
                 'add' => attribute_escape(__('Add')),
                 'how' => __('Separate multiple categories with commas.')
             ) );
-            $this->add( 'ajaxlinkcat', '/wp-admin/js/link-cat.js', array('listman'), '200700601' );
-            $this->localize( 'ajaxlinkcat', 'linkcatL10n', array(
-                'add' => attribute_escape(__('Add')),
-                'how' => __('Separate multiple categories with commas.')
-            ) );
-            $this->add( 'admin-categories', '/wp-admin/js/categories.js', array('listman'), '3684' );
-            $this->add( 'admin-custom-fields', '/wp-admin/js/custom-fields.js', array('listman'), '3733' );
-            $this->add( 'admin-comments', '/wp-admin/js/edit-comments.js', array('listman'), '20070327' );
-            $this->add( 'admin-users', '/wp-admin/js/users.js', array('listman'), '4583' );
+            $this->add( 'admin-categories', '/wp-admin/js/categories.js', array('wp-lists'), '20070823' );
+            $this->add( 'admin-custom-fields', '/wp-admin/js/custom-fields.js', array('wp-lists'), '20070823' );
+            $this->add( 'admin-comments', '/wp-admin/js/edit-comments.js', array('wp-lists'), '20070822' );
+            $this->add( 'admin-posts', '/wp-admin/js/edit-posts.js', array('wp-lists'), '20070823' );
+            $this->add( 'admin-users', '/wp-admin/js/users.js', array('wp-lists'), '20070823' );
             $this->add( 'xfn', '/wp-admin/js/xfn.js', false, '3517' );
             $this->add( 'upload', '/wp-admin/js/upload.js', array('jquery'), '20070518' );