-
+
Login:
Password:
diff --git a/wp-admin/b2edit.php b/wp-admin/b2edit.php
index 0bffbfa8cf..7de319ed13 100644
--- a/wp-admin/b2edit.php
+++ b/wp-admin/b2edit.php
@@ -79,6 +79,7 @@ switch($action) {
$comment_status = $HTTP_POST_VARS['comment_status'];
$ping_status = $HTTP_POST_VARS['ping_status'];
$post_password = addslashes($HTTP_POST_VARS['post_password']);
+ $post_name = sanitize_title($post_title);
if ($user_level == 0)
die ('Cheatin’ uh?');
@@ -101,15 +102,15 @@ switch($action) {
if((get_settings('use_geo_positions')) && (strlen($latstr) > 2) && (strlen($lonstr) > 2) ) {
$postquery ="INSERT INTO $tableposts
- (ID, post_author, post_date, post_content, post_title, post_category, post_lat, post_lon, post_excerpt, post_status, comment_status, ping_status, post_password)
+ (ID, post_author, post_date, post_content, post_title, post_category, post_lat, post_lon, post_excerpt, post_status, comment_status, ping_status, post_password, post_name)
VALUES
- ('0','$user_ID','$now','$content','$post_title','$post_category',$post_latf,$post_lonf,'$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password')
+ ('0','$user_ID','$now','$content','$post_title','$post_category',$post_latf,$post_lonf,'$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name')
";
} else {
$postquery ="INSERT INTO $tableposts
- (ID, post_author, post_date, post_content, post_title, post_category, post_excerpt, post_status, comment_status, ping_status, post_password)
+ (ID, post_author, post_date, post_content, post_title, post_category, post_excerpt, post_status, comment_status, ping_status, post_password, post_name)
VALUES
- ('0','$user_ID','$now','$content','$post_title','$post_category','$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password')
+ ('0','$user_ID','$now','$content','$post_title','$post_category','$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name')
";
}
$postquery =
@@ -239,6 +240,7 @@ switch($action) {
$comment_status = $HTTP_POST_VARS['comment_status'];
$ping_status = $HTTP_POST_VARS['ping_status'];
$post_password = addslashes($HTTP_POST_VARS['post_password']);
+ $post_name = sanitize_title($post_title);
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
$aa = $HTTP_POST_VARS['aa'];
@@ -266,7 +268,8 @@ switch($action) {
post_status = '$post_status',
comment_status = '$comment_status',
ping_status = '$ping_status',
- post_password = '$post_password'
+ post_password = '$post_password',
+ post_name = '$post_name'
WHERE ID = $post_ID ");
if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
@@ -276,7 +279,6 @@ switch($action) {
// are we going from draft/private to published?
if ((($prev_status == 'draft') || ($prev_status == 'private')) && ($post_status == 'publish')) {
pingWeblogs($blog_ID);
- pingCafelog($cafelogID, $post_title, $post_ID);
pingBlogs($blog_ID);
if ($post_pingback) {
diff --git a/wp-admin/b2menutop.txt b/wp-admin/b2menutop.txt
index 1874434c0a..1708655f52 100644
--- a/wp-admin/b2menutop.txt
+++ b/wp-admin/b2menutop.txt
@@ -1,4 +1,5 @@
-1 b2edit.php Post / Edit
+1 wp-post.php Post
+1 edit.php Edit
3 b2team.php Team
4 wp-options.php Options
3 b2categories.php Categories
diff --git a/wp-admin/edit.php b/wp-admin/edit.php
new file mode 100644
index 0000000000..f540e17210
--- /dev/null
+++ b/wp-admin/edit.php
@@ -0,0 +1,342 @@
+
+
+
+
+
+
+ Show posts:
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Edit ";
+ echo " - Delete ";
+ }
+ if ('private' == $post->post_status) echo ' - Private ';
+ ?>
+ ]
+ ( , in
+ get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id ORDER BY comment_date");
+ if ($comments) {
+ ?>
+
+
Comments
+
+
+
+
+
+
+
+
+ No results found.
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/wp-admin/index.php b/wp-admin/index.php
index dd8dc149fd..eeabad8673 100644
--- a/wp-admin/index.php
+++ b/wp-admin/index.php
@@ -2,5 +2,5 @@
/* This will possibly be more later but for now let's just redirect. */
-header ('Location: b2edit.php');
+header ('Location: wp-post.php');
?>
\ No newline at end of file
diff --git a/wp-admin/wp-edit.form.php b/wp-admin/wp-edit.form.php
index ae46394267..779d89cef7 100644
--- a/wp-admin/wp-edit.form.php
+++ b/wp-admin/wp-edit.form.php
@@ -1,4 +1,3 @@
-
Go to: Post/Edit | Posts | Comments
+
Category :
@@ -205,7 +204,9 @@ if (get_settings('use_geo_positions')) {
-
+
= $fileupload_minlevel) && (in_array($user_login, $allowed_users) || (trim($fileupload_allowedusers)=="")) ) { ?>
diff --git a/wp-admin/wp-post.php b/wp-admin/wp-post.php
new file mode 100644
index 0000000000..212142a553
--- /dev/null
+++ b/wp-admin/wp-post.php
@@ -0,0 +1,467 @@
+ */
+
+function add_magic_quotes($array) {
+ foreach ($array as $k => $v) {
+ if (is_array($v)) {
+ $array[$k] = add_magic_quotes($v);
+ } else {
+ $array[$k] = addslashes($v);
+ }
+ }
+ return $array;
+}
+
+if (!get_magic_quotes_gpc()) {
+ $HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
+ $HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
+ $HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
+}
+
+$b2varstoreset = array('action', 'safe_mode', 'withcomments', 'c', 'posts', 'poststart', 'postend', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder');
+
+for ($i=0; $i
2) && (strlen($lonstr) > 2 ) ) {
+ $post_latf = floatval($HTTP_POST_VARS['post_latf']);
+ $post_lonf = floatval($HTTP_POST_VARS['post_lonf']);
+ }
+ }
+ $post_status = $HTTP_POST_VARS['post_status'];
+ $comment_status = $HTTP_POST_VARS['comment_status'];
+ $ping_status = $HTTP_POST_VARS['ping_status'];
+ $post_password = addslashes($HTTP_POST_VARS['post_password']);
+ $post_name = sanitize_title($post_title);
+
+ if ($user_level == 0)
+ die ('Cheatin’ uh?');
+
+ if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
+ $aa = $HTTP_POST_VARS['aa'];
+ $mm = $HTTP_POST_VARS['mm'];
+ $jj = $HTTP_POST_VARS['jj'];
+ $hh = $HTTP_POST_VARS['hh'];
+ $mn = $HTTP_POST_VARS['mn'];
+ $ss = $HTTP_POST_VARS['ss'];
+ $jj = ($jj > 31) ? 31 : $jj;
+ $hh = ($hh > 23) ? $hh - 24 : $hh;
+ $mn = ($mn > 59) ? $mn - 60 : $mn;
+ $ss = ($ss > 59) ? $ss - 60 : $ss;
+ $now = "$aa-$mm-$jj $hh:$mn:$ss";
+ } else {
+ $now = date('Y-m-d H:i:s', (time() + ($time_difference * 3600)));
+ }
+
+ if((get_settings('use_geo_positions')) && (strlen($latstr) > 2) && (strlen($lonstr) > 2) ) {
+ $postquery ="INSERT INTO $tableposts
+ (ID, post_author, post_date, post_content, post_title, post_category, post_lat, post_lon, post_excerpt, post_status, comment_status, ping_status, post_password, post_name)
+ VALUES
+ ('0','$user_ID','$now','$content','$post_title','$post_category',$post_latf,$post_lonf,'$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name')
+ ";
+ } else {
+ $postquery ="INSERT INTO $tableposts
+ (ID, post_author, post_date, post_content, post_title, post_category, post_excerpt, post_status, comment_status, ping_status, post_password, post_name)
+ VALUES
+ ('0','$user_ID','$now','$content','$post_title','$post_category','$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name')
+ ";
+ }
+ $postquery =
+ $result = $wpdb->query($postquery);
+
+ $post_ID = $wpdb->get_var("SELECT ID FROM $tableposts ORDER BY ID DESC LIMIT 1");
+
+ if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
+ sleep($sleep_after_edit);
+ }
+
+ if ($post_status == 'publish') {
+ if((get_settings('use_geo_positions')) && ($post_latf != null) && ($post_lonf != null)) {
+ pingGeoUrl($post_ID);
+ }
+ pingWeblogs($blog_ID);
+ pingBlogs($blog_ID);
+
+ if ($post_pingback) {
+ pingback($content, $post_ID);
+ }
+
+ if (!empty($HTTP_POST_VARS['trackback_url'])) {
+ if (strlen($excerpt) > 0) {
+ $the_excerpt = (strlen(strip_tags($excerpt)) > 255) ? substr(strip_tags($excerpt), 0, 252) . '...' : strip_tags($excerpt) ;
+ } else {
+ $the_excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252) . '...' : strip_tags($content);
+ }
+ $excerpt = stripslashes($the_excerpt);
+ $trackback_urls = explode(',', $HTTP_POST_VARS['trackback_url']);
+ foreach($trackback_urls as $tb_url) {
+ $tb_url = trim($tb_url);
+ trackback($tb_url, stripslashes($post_title), $excerpt, $post_ID);
+ }
+ }
+ } // end if publish
+
+ if (!empty($HTTP_POST_VARS['mode'])) {
+ switch($HTTP_POST_VARS['mode']) {
+ case 'bookmarklet':
+ $location = 'b2bookmarklet.php?a=b';
+ break;
+ case 'sidebar':
+ $location = 'b2sidebar.php?a=b';
+ break;
+ default:
+ $location = 'wp-post.php';
+ break;
+ }
+ } else {
+ $location = 'wp-post.php';
+ }
+ header("Location: $location");
+ exit();
+ break;
+
+ case 'edit':
+ $title = 'Edit';
+
+ $standalone = 0;
+ require_once('b2header.php');
+
+ $post = $HTTP_GET_VARS['post'];
+ if ($user_level > 0) {
+ $postdata = get_postdata($post);
+ $authordata = get_userdata($postdata['Author_ID']);
+ if ($user_level < $authordata->user_level)
+ die ('You don’t have the right to edit '.$authordata[1].' ’s posts.');
+
+ $content = $postdata['Content'];
+ $content = format_to_edit($content);
+ $edited_lat = $postdata["Lat"];
+ $edited_lon = $postdata["Lon"];
+ $excerpt = $postdata['Excerpt'];
+ $excerpt = format_to_edit($excerpt);
+ $edited_post_title = format_to_edit($postdata['Title']);
+ $post_status = $postdata['post_status'];
+ $comment_status = $postdata['comment_status'];
+ $ping_status = $postdata['ping_status'];
+ $post_password = $postdata['post_password'];
+
+ include('wp-edit.form.php');
+ } else {
+?>
+ Since you’re a newcomer, you’ll have to wait for an admin to raise your level to 1,
+ in order to be authorized to post.e-mail the admin
+ to ask for a promotion.
+= -90) && ($lonf != null) && ($lonf <= 360) && ($lonf >= -360) ) {
+ pingGeoUrl($post_ID);
+ $latlonaddition = " post_lat=".$latf.", post_lon =".$lonf.", ";
+ } else {
+ $latlonaddition = " post_lat=null, post_lon=null, ";
+ }
+ }
+ $post_status = $HTTP_POST_VARS['post_status'];
+ $prev_status = $HTTP_POST_VARS['prev_status'];
+ $comment_status = $HTTP_POST_VARS['comment_status'];
+ $ping_status = $HTTP_POST_VARS['ping_status'];
+ $post_password = addslashes($HTTP_POST_VARS['post_password']);
+ $post_name = sanitize_title($post_title);
+
+ if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
+ $aa = $HTTP_POST_VARS['aa'];
+ $mm = $HTTP_POST_VARS['mm'];
+ $jj = $HTTP_POST_VARS['jj'];
+ $hh = $HTTP_POST_VARS['hh'];
+ $mn = $HTTP_POST_VARS['mn'];
+ $ss = $HTTP_POST_VARS['ss'];
+ $jj = ($jj > 31) ? 31 : $jj;
+ $hh = ($hh > 23) ? $hh - 24 : $hh;
+ $mn = ($mn > 59) ? $mn - 60 : $mn;
+ $ss = ($ss > 59) ? $ss - 60 : $ss;
+ $datemodif = ", post_date=\"$aa-$mm-$jj $hh:$mn:$ss\"";
+ } else {
+ $datemodif = '';
+ }
+
+ $result = $wpdb->query("
+ UPDATE $tableposts SET
+ post_content = '$content',
+ post_excerpt = '$excerpt',
+ post_title = '$post_title',
+ post_category = '$post_category'".$datemodif.",
+ ".$latlonaddition."
+ post_status = '$post_status',
+ comment_status = '$comment_status',
+ ping_status = '$ping_status',
+ post_password = '$post_password',
+ post_name = '$post_name'
+ WHERE ID = $post_ID ");
+
+ if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
+ sleep($sleep_after_edit);
+ }
+
+ // are we going from draft/private to published?
+ if ((($prev_status == 'draft') || ($prev_status == 'private')) && ($post_status == 'publish')) {
+ pingWeblogs($blog_ID);
+ pingBlogs($blog_ID);
+
+ if ($post_pingback) {
+ pingback($content, $post_ID);
+ }
+
+ if (!empty($HTTP_POST_VARS['trackback_url'])) {
+ $excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252) . '...' : strip_tags($content);
+ $excerpt = stripslashes($excerpt);
+ $trackback_urls = explode(',', $HTTP_POST_VARS['trackback_url']);
+ foreach($trackback_urls as $tb_url) {
+ $tb_url = trim($tb_url);
+ trackback($tb_url, stripslashes($post_title), $excerpt, $post_ID);
+ }
+ }
+ } // end if publish
+
+ $location = "Location: wp-post.php";
+ header ($location);
+ break;
+
+ case 'delete':
+
+ $standalone = 1;
+ require_once('./b2header.php');
+
+ if ($user_level == 0)
+ die ('Cheatin’ uh?');
+
+ $post = $HTTP_GET_VARS['post'];
+ $postdata = get_postdata($post) or die('Oops, no post with this ID. Go back !');
+ $authordata = get_userdata($postdata['Author_ID']);
+
+ if ($user_level < $authordata->user_level)
+ die ('You don’t have the right to delete '.$authordata[1].' ’s posts.');
+
+ // send geoURL ping to "erase" from their DB
+ $query = "SELECT post_lat from $tableposts WHERE ID=$post";
+ $rows = $wpdb->query($query);
+ $myrow = $rows[0];
+ $latf = $myrow->post_lat;
+ if($latf != null ) {
+ pingGeoUrl($post);
+ }
+
+ $result = $wpdb->query("DELETE FROM $tableposts WHERE ID=$post");
+ if (!$result)
+ die('Error in deleting... contact the webmaster .');
+
+ $result = $wpdb->query("DELETE FROM $tablecomments WHERE comment_post_ID=$post");
+
+ if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
+ sleep($sleep_after_edit);
+ }
+
+ // pingWeblogs($blog_ID);
+
+ header ('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
+
+ break;
+
+ case 'editcomment':
+ $title = 'Edit Comment';
+ $standalone = 0;
+ require_once ('b2header.php');
+
+ get_currentuserinfo();
+
+ if ($user_level == 0) {
+ die ('Cheatin’ uh?');
+ }
+
+ $comment = $HTTP_GET_VARS['comment'];
+ $commentdata = get_commentdata($comment, 1) or die('Oops, no comment with this ID. Go back !');
+ $content = $commentdata['comment_content'];
+ $content = format_to_edit($content);
+
+ include('wp-edit.form.php');
+
+ break;
+
+ case 'deletecomment':
+
+ $standalone = 1;
+ require_once('./b2header.php');
+
+ if ($user_level == 0)
+ die ('Cheatin’ uh?');
+
+ $comment = $HTTP_GET_VARS['comment'];
+ $p = $HTTP_GET_VARS['p'];
+ $commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. Go back !');
+
+ $result = $wpdb->query("DELETE FROM $tablecomments WHERE comment_ID=$comment");
+
+ header ('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
+
+ break;
+
+ case 'editedcomment':
+
+ $standalone = 1;
+ require_once('./b2header.php');
+
+ if ($user_level == 0)
+ die ('Cheatin’ uh?');
+
+ $comment_ID = $HTTP_POST_VARS['comment_ID'];
+ $comment_post_ID = $HTTP_POST_VARS['comment_post_ID'];
+ $newcomment_author = $HTTP_POST_VARS['newcomment_author'];
+ $newcomment_author_email = $HTTP_POST_VARS['newcomment_author_email'];
+ $newcomment_author_url = $HTTP_POST_VARS['newcomment_author_url'];
+ $newcomment_author = addslashes($newcomment_author);
+ $newcomment_author_email = addslashes($newcomment_author_email);
+ $newcomment_author_url = addslashes($newcomment_author_url);
+
+ if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
+ $aa = $HTTP_POST_VARS['aa'];
+ $mm = $HTTP_POST_VARS['mm'];
+ $jj = $HTTP_POST_VARS['jj'];
+ $hh = $HTTP_POST_VARS['hh'];
+ $mn = $HTTP_POST_VARS['mn'];
+ $ss = $HTTP_POST_VARS['ss'];
+ $jj = ($jj > 31) ? 31 : $jj;
+ $hh = ($hh > 23) ? $hh - 24 : $hh;
+ $mn = ($mn > 59) ? $mn - 60 : $mn;
+ $ss = ($ss > 59) ? $ss - 60 : $ss;
+ $datemodif = ", comment_date = 'aa-$mm-$jj $hh:$mn:$ss'";
+ } else {
+ $datemodif = '';
+ }
+ $content = balanceTags($content);
+ $content = format_to_post($content);
+
+ $result = $wpdb->query("
+ UPDATE $tablecomments SET
+ comment_content = '$content',
+ comment_author = '$newcomment_author',
+ comment_author_email = '$newcomment_author_email',
+ comment_author_url = '$newcomment_author_url'".$datemodif."
+ WHERE comment_ID = $comment_ID"
+ );
+
+ $referredby = $HTTP_SERVER_VARS['HTTP_REFERER'];
+ if (!empty($referredby)) header('Location: ' . $referredby);
+ else header ("Location: edit.php?p=$comment_post_ID&c=1#comments");
+
+ break;
+
+ default:
+ $title = 'Create New Post';
+ $standalone = 0;
+ require_once ('./b2header.php');
+
+ if ($user_level > 0) {
+ if ((!$withcomments) && (!$c)) {
+
+ $action = 'post';
+ get_currentuserinfo();
+ $drafts = $wpdb->get_results("SELECT ID, post_title FROM $tableposts WHERE post_status = 'draft' AND post_author = $user_ID");
+ if ($drafts) {
+ ?>
+
+
Your Drafts:
+ post_title = stripslashes($draft->post_title); if ($draft->post_title == '') $draft->post_title = 'post-'.$draft->ID;
+ echo "$draft->post_title ";
+ ++$i;
+ }
+ ?>.
+
+
Since you’re a newcomer, you’ll have to wait for an admin to raise your level to 1, in order to be authorized to post.e-mail the admin to ask for a promotion.
+
+ ( / ) (IP: ) + +
Error: please fill the required fields (name & comment)
"; + ?> + +Leave Comment
+ + + + +