Changeset 6910 for trunk/wp-admin/upload.php
- Timestamp:
- 02/19/2008 06:13:20 AM (17 years ago)
- File:
-
- 1 edited
trunk/wp-admin/upload.php
r6782 r6910 2 2 require_once('admin.php'); 3 3 4 @header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset')); 5 6 if (!current_user_can('upload_files')) 7 wp_die(__('You do not have permission to upload files.')); 8 9 wp_reset_vars(array('action', 'tab', 'from_tab', 'style', 'post_id', 'ID', 'paged', 'post_title', 'post_content', 'delete')); 10 11 // IDs should be integers 12 $ID = (int) $ID; 13 $post_id = (int) $post_id; 14 15 // Require an ID for the edit screen 16 if ( $action == 'edit' && !$ID ) 17 wp_die(__("You are not allowed to be here")); 18 19 require_once('includes/upload.php'); 20 if ( !$tab ) 21 $tab = 'browse-all'; 22 23 do_action( "upload_files_$tab" ); 24 25 $pid = 0; 26 if ( $post_id < 0 ) 27 $pid = $post_id; 28 elseif ( get_post( $post_id ) ) 29 $pid = $post_id; 30 $wp_upload_tabs = array(); 31 $all_atts = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_type = 'attachment'"); 32 $post_atts = 0; 33 34 if ( $pid ) { 35 // 0 => tab display name, 1 => required cap, 2 => function that produces tab content, 3 => total number objects OR array(total, objects per page), 4 => add_query_args 36 $wp_upload_tabs['upload'] = array(__('Upload'), 'upload_files', 'wp_upload_tab_upload', 0); 37 if ( $all_atts && $post_atts = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = '$post_id'") ) 38 $wp_upload_tabs['browse'] = array(__('Browse'), 'upload_files', "wp_upload_tab_browse", $action ? 0 : $post_atts); 39 if ( $post_atts < $all_atts ) 40 $wp_upload_tabs['browse-all'] = array(__('Browse All'), 'upload_files', 'wp_upload_tab_browse', $action ? 0 : $all_atts); 41 } else 42 $wp_upload_tabs['browse-all'] = array(__('Browse All'), 'upload_files', 'wp_upload_tab_browse', $action ? 
0 : $all_atts); 43 44 $wp_upload_tabs = array_merge($wp_upload_tabs, apply_filters( 'wp_upload_tabs', array() )); 45 46 if ( !is_callable($wp_upload_tabs[$tab][2]) ) { 47 $to_tab = isset($wp_upload_tabs['upload']) ? 'upload' : 'browse-all'; 48 wp_redirect( add_query_arg( 'tab', $to_tab ) ); 49 exit; 50 } 51 52 foreach ( $wp_upload_tabs as $t => $tab_array ) { 53 if ( !current_user_can( $tab_array[1] ) ) { 54 unset($wp_upload_tabs[$t]); 55 if ( $tab == $t ) 56 wp_die(__("You are not allowed to be here")); 4 if (!current_user_can('upload_files')) 5 wp_die(__('You do not have permission to upload files.')); 6 7 // Handle bulk deletes 8 if ( isset($_GET['deleteit']) && isset($_GET['delete']) ) { 9 check_admin_referer('bulk-media'); 10 foreach( (array) $_GET['delete'] as $post_id_del ) { 11 $post_del = & get_post($post_id_del); 12 13 if ( !current_user_can('delete_post', $post_id_del) ) 14 wp_die( __('You are not allowed to delete this post.') ); 15 16 if ( $post_del->post_type == 'attachment' ) 17 if ( ! 
wp_delete_attachment($post_id_del) ) 18 wp_die( __('Error in deleting...') ); 57 19 } 58 } 59 60 if ( 'inline' == $style ) : ?> 61 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 62 <html xmlns="http://www.w3.org/1999/xhtml" <?php do_action('admin_xml_ns'); ?> <?php language_attributes(); ?>> 63 <head> 64 <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_option('blog_charset'); ?>" /> 65 <title><?php bloginfo('name') ?> › <?php _e('Uploads'); ?> — WordPress</title> 66 <?php 67 wp_admin_css( 'css/global' ); 68 wp_admin_css(); 69 ?> 70 <script type="text/javascript"> 71 //<![CDATA[ 72 function addLoadEvent(func) {if ( typeof wpOnload!='function'){wpOnload=func;}else{ var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}} 73 //]]> 74 </script> 75 <?php do_action('admin_print_scripts'); wp_upload_admin_head(); ?> 76 </head> 77 <body> 78 <?php 79 else : 80 add_action( 'admin_head', 'wp_upload_admin_head' ); 81 include_once('admin-header.php'); 82 ?> 83 <div class='wrap'> 84 <h2><?php _e('Uploads'); ?></h2> 85 <?php 86 endif; 87 88 echo "<ul id='upload-menu'>\n"; 89 foreach ( $wp_upload_tabs as $t => $tab_array ) { // We've already done the current_user_can check 90 $href = add_query_arg( array('tab' => $t, 'ID' => '', 'action' => '', 'paged' => '') ); 91 if ( isset($tab_array[4]) && is_array($tab_array[4]) ) 92 $href = add_query_arg( $tab_array[4], $href ); 93 $_href = clean_url( $href); 94 $page_links = ''; 95 $class = 'upload-tab alignleft'; 96 if ( $tab == $t ) { 97 $class .= ' current'; 98 if ( $tab_array[3] ) { 99 if ( is_array($tab_array[3]) ) { 100 $total = $tab_array[3][0]; 101 $per = $tab_array[3][1]; 102 } else { 103 $total = $tab_array[3]; 104 $per = 10; 105 } 106 $page_links = paginate_links( array( 107 'base' => add_query_arg( 'paged', '%#%' ), 108 'format' => '', 109 'total' => ceil($total / $per), 110 'current' => $paged ? 
$paged : 1, 111 'prev_text' => '«', 112 'next_text' => '»' 113 )); 114 if ( $page_links ) 115 $page_links = "<span id='current-tab-nav'>: $page_links</span>"; 20 21 $sendback = wp_get_referer(); 22 if (strpos($sendback, 'media.php') !== false) $sendback = get_option('siteurl') .'/wp-admin/media.php'; 23 $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback); 24 25 wp_redirect($sendback); 26 exit(); 27 } elseif ( !empty($_GET['_wp_http_referer']) ) { 28 wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI']))); 29 exit; 30 } 31 32 $title = __('Media Library'); 33 $parent_file = 'edit.php'; 34 wp_enqueue_script( 'admin-posts' ); 35 wp_enqueue_script( 'admin-forms' ); 36 if ( 1 == $_GET['c'] ) 37 wp_enqueue_script( 'admin-comments' ); 38 39 require_once('admin-header.php'); 40 41 add_filter( 'post_limits', $limit_filter = create_function( '$a', '$b = split(" ",$a); if ( !isset($b[2]) ) return $a; $start = intval(trim($b[1])) / 20 * 15; if ( !is_int($start) ) return $a; return "LIMIT $start, 20";' ) ); 42 list($post_mime_types, $avail_post_mime_types) = wp_edit_attachments_query(); 43 $wp_query->max_num_pages = ceil( $wp_query->found_posts / 15 ); // We grab 20 but only show 15 ( 5 more for ajax extra ) 44 45 if ( !isset( $_GET['paged'] ) ) 46 $_GET['paged'] = 1; 47 48 ?> 49 50 <div class="wrap"> 51 52 <form id="posts-filter" action="" method="get"> 53 <h2><?php 54 if ( is_single() ) { 55 printf(__('Comments on %s'), apply_filters( "the_title", $post->post_title)); 56 } else { 57 $post_mime_type_label = _c('Manage Media|manage media header'); 58 if ( isset($_GET['post_mime_type']) && in_array( $_GET['post_mime_type'], array_keys($post_mime_types) ) ) 59 $post_mime_type_label = $post_mime_types[$_GET['post_mime_type']][1]; 60 if ( $post_listing_pageable && !is_archive() && !is_search() ) 61 $h2_noun = is_paged() ? 
sprintf(__( 'Previous %s' ), $post_mime_type_label) : sprintf(__('Latest %s'), $post_mime_type_label); 62 else 63 $h2_noun = $post_mime_type_label; 64 // Use $_GET instead of is_ since they can override each other 65 $h2_author = ''; 66 $_GET['author'] = (int) $_GET['author']; 67 if ( $_GET['author'] != 0 ) { 68 if ( $_GET['author'] == '-' . $user_ID ) { // author exclusion 69 $h2_author = ' ' . __('by other authors'); 70 } else { 71 $author_user = get_userdata( get_query_var( 'author' ) ); 72 $h2_author = ' ' . sprintf(__('by %s'), wp_specialchars( $author_user->display_name )); 116 73 } 117 74 } 118 119 echo "\t<li class='$class'><a href='$_href' class='upload-tab-link' title='{$tab_array[0]}'>{$tab_array[0]}</a>$page_links</li>\n"; 120 } 121 unset($t, $tab_array, $href, $_href, $page_links, $total, $per, $class); 122 echo "</ul>\n\n"; 123 124 echo "<div id='upload-content' class='$tab'>\n"; 125 126 call_user_func( $wp_upload_tabs[$tab][2] ); 127 128 echo "</div>\n"; 129 130 if ( 'inline' != $style ) : 131 echo "<div class='clear'></div></div>"; 132 include_once('admin-footer.php'); 133 else : ?> 134 <script type="text/javascript">if(typeof wpOnload=='function')wpOnload();</script> 135 136 </body> 137 </html> 138 <?php endif; ?> 75 $h2_search = isset($_GET['s']) && $_GET['s'] ? ' ' . sprintf(__('matching “%s”'), wp_specialchars( get_search_query() ) ) : ''; 76 $h2_cat = isset($_GET['cat']) && $_GET['cat'] ? ' ' . sprintf( __('in “%s”'), single_cat_title('', false) ) : ''; 77 $h2_tag = isset($_GET['tag']) && $_GET['tag'] ? ' ' . sprintf( __('tagged with “%s”'), single_tag_title('', false) ) : ''; 78 $h2_month = isset($_GET['m']) && $_GET['m'] ? ' ' . 
sprintf( __('during %s'), single_month_title(' ', false) ) : ''; 79 printf( _c( '%1$s%2$s%3$s%4$s%5$s%6$s|You can reorder these: 1: Posts, 2: by {s}, 3: matching {s}, 4: in {s}, 5: tagged with {s}, 6: during {s}' ), $h2_noun, $h2_author, $h2_search, $h2_cat, $h2_tag, $h2_month ); 80 } 81 ?></h2> 82 83 <ul class="subsubsub"> 84 <?php 85 $status_links = array(); 86 $_num_posts = (array) wp_count_attachments(); 87 $matches = wp_match_mime_types(array_keys($post_mime_types), array_keys($_num_posts)); 88 foreach ( $matches as $type => $reals ) 89 foreach ( $reals as $real ) 90 $num_posts[$type] += $_num_posts[$real]; 91 foreach ( $post_mime_types as $mime_type => $label ) { 92 $class = ''; 93 94 if ( !wp_match_mime_types($mime_type, $avail_post_mime_types) ) 95 continue; 96 97 if ( wp_match_mime_types($mime_type, $_GET['post_mime_type']) ) 98 $class = ' class="current"'; 99 100 $status_links[] = "<li><a href=\"upload.php?post_mime_type=$mime_type\"$class>" . 101 sprintf($label[2], $num_posts[$mime_type]) . '</a>'; 102 } 103 $class = empty($_GET['post_mime_type']) ? ' class="current"' : ''; 104 $status_links[] = "<li><a href=\"upload.php\"$class>".__('All Types')."</a>"; 105 echo implode(' |</li>', $status_links) . 
'</li>'; 106 unset($status_links); 107 ?> 108 </ul> 109 110 <?php 111 if ( isset($_GET['posted']) && $_GET['posted'] ) : $_GET['posted'] = (int) $_GET['posted']; ?> 112 <div id="message" class="updated fade"><p><strong><?php _e('Your post has been saved.'); ?></strong> <a href="<?php echo get_permalink( $_GET['posted'] ); ?>"><?php _e('View post'); ?></a> | <a href="post.php?action=edit&post=<?php echo $_GET['posted']; ?>"><?php _e('Edit post'); ?></a></p></div> 113 <?php 114 endif; 115 ?> 116 117 <p id="post-search"> 118 <input type="text" id="post-search-input" name="s" value="<?php the_search_query(); ?>" /> 119 <input type="submit" value="<?php _e( 'Search Media' ); ?>" /> 120 </p> 121 122 <?php do_action('restrict_manage_posts'); ?> 123 124 <br style="clear:both;" /> 125 126 <div class="tablenav"> 127 128 <?php 129 $page_links = paginate_links( array( 130 'base' => add_query_arg( 'paged', '%#%' ), 131 'format' => '', 132 'total' => ceil($wp_query->found_posts / 15), 133 'current' => $_GET['paged'] 134 )); 135 136 if ( $page_links ) 137 echo "<div class='tablenav-pages'>$page_links</div>"; 138 ?> 139 140 <div style="float: left"> 141 <input type="submit" value="<?php _e('Delete'); ?>" name="deleteit" /> 142 <?php wp_nonce_field('bulk-posts'); ?> 143 <?php 144 145 $arc_query = "SELECT DISTINCT YEAR(post_date) AS yyear, MONTH(post_date) AS mmonth FROM $wpdb->posts WHERE post_type = 'post' ORDER BY post_date DESC"; 146 147 $arc_result = $wpdb->get_results( $arc_query ); 148 149 $month_count = count($arc_result); 150 151 if ( $month_count && !( 1 == $month_count && 0 == $arc_result[0]->mmonth ) ) { ?> 152 <select name='m'> 153 <option<?php selected( @$_GET['m'], 0 ); ?> value='0'><?php _e('Show all dates'); ?></option> 154 <?php 155 foreach ($arc_result as $arc_row) { 156 if ( $arc_row->yyear == 0 ) 157 continue; 158 $arc_row->mmonth = zeroise( $arc_row->mmonth, 2 ); 159 160 if ( $arc_row->yyear . 
$arc_row->mmonth == $_GET['m'] ) 161 $default = ' selected="selected"'; 162 else 163 $default = ''; 164 165 echo "<option$default value='$arc_row->yyear$arc_row->mmonth'>"; 166 echo $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear"; 167 echo "</option>\n"; 168 } 169 ?> 170 </select> 171 <?php } ?> 172 173 <input type="submit" id="post-query-submit" value="<?php _e('Filter »'); ?>" class="button" /> 174 175 </div> 176 177 <br style="clear:both;" /> 178 </div> 179 180 <br style="clear:both;" /> 181 182 <?php include( 'edit-attachment-rows.php' ); ?> 183 184 </form> 185 186 <form action="" method="post" id="get-extra-posts" class="add:the-extra-list:" style="display:none"> 187 <?php wp_nonce_field( 'add-post', '_ajax_nonce', false ); ?> 188 </form> 189 190 <div id="ajax-response"></div> 191 192 <div class="tablenav"> 193 194 <?php 195 if ( $page_links ) 196 echo "<div class='tablenav-pages'>$page_links</div>"; 197 ?> 198 <br style="clear:both;" /> 199 </div> 200 201 <?php 202 203 if ( 1 == count($posts) && isset( $_GET['p'] ) ) { 204 205 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved != 'spam' ORDER BY comment_date"); 206 if ($comments) { 207 // Make sure comments, post, and post_author are cached 208 update_comment_cache($comments); 209 $post = get_post($id); 210 $authordata = get_userdata($post->post_author); 211 ?> 212 <h3 id="comments"><?php _e('Comments') ?></h3> 213 <ol id="the-comment-list" class="list:comment commentlist"> 214 <?php 215 $i = 0; 216 foreach ( $comments as $comment ) { 217 _wp_comment_list_item( $comment->comment_ID, ++$i ); 218 } 219 echo '</ol>'; 220 } // end if comments 221 ?> 222 <?php } ?> 223 </div> 224 225 <?php include('admin-footer.php'); ?>
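Review bot: The bulk-delete handler near the top of the new upload.php verifies `check_admin_referer('bulk-media')`, but the `posts-filter` form that submits `deleteit` emits `wp_nonce_field('bulk-posts')`, so the nonce the form sends belongs to a different action than the one being checked. Unless the included `edit-attachment-rows.php` (not shown here) outputs a `bulk-media` field, a legitimate submit cannot pass the check; the field should read `<?php wp_nonce_field('bulk-media'); ?>`. The same form uses `method="get"`, so the delete request and its nonce travel in the URL and can be retained in browser history, server logs and Referer headers. Inside the loop, `$post_id_del` reaches `get_post()` and `current_user_can('delete_post', ...)` uncast, and `$post_del->post_type` is read without confirming that a post was found; `$post_id_del = (int) $post_id_del;` followed by a `continue` when `get_post()` returns nothing would make the capability check operate on a known integer ID.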