diff --git a/wp-admin/admin-ajax.php b/wp-admin/admin-ajax.php
new file mode 100644
index 0000000000..adf9bd8f6e
--- /dev/null
+++ b/wp-admin/admin-ajax.php
@@ -0,0 +1,216 @@
+escape( rawurldecode(stripslashes($i)) );
+ return $i;
+}
+
+function wp_ajax_echo_meta( $pid, $mid, $key, $value ) {
+ $value = wp_specialchars($value, true);
+ $key_js = addslashes(wp_specialchars($key, 'double'));
+ $key = wp_specialchars($key, true);
+ $r = "$mid$pid";
+ $r .= "";
+ $r .= "";
+ $r .= " | | ";
+ $r .= " ";
+ $r .= "";
+ $r .= " |
]]>";
+ return $r;
+}
+
+$_POST = wp_clean_ajax_input( $_POST );
+$id = (int) $_POST['id'];
+switch ( $_POST['action'] ) :
+case 'delete-comment' :
+ if ( !$comment = get_comment( $id ) )
+ die('0');
+ if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+ die('-1');
+
+ if ( wp_delete_comment( $comment->comment_ID ) )
+ die('1');
+ else die('0');
+ break;
+case 'delete-comment-as-spam' :
+ if ( !$comment = get_comment( $id ) )
+ die('0');
+ if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+ die('-1');
+
+ if ( wp_set_comment_status( $comment->comment_ID, 'spam' ) )
+ die('1');
+ else die('0');
+ break;
+case 'delete-cat' :
+ if ( !current_user_can( 'manage_categories' ) )
+ die('-1');
+
+ if ( wp_delete_category( $id ) )
+ die('1');
+ else die('0');
+ break;
+case 'delete-link' :
+ if ( !current_user_can( 'manage_links' ) )
+ die('-1');
+
+ if ( wp_delete_link( $id ) )
+ die('1');
+ else die('0');
+ break;
+case 'delete-meta' :
+ if ( !$meta = get_post_meta_by_id( $id ) )
+ die('0');
+ if ( !current_user_can( 'edit_post', $meta->post_id ) )
+ die('-1');
+ if ( delete_meta( $meta->meta_id ) )
+ die('1');
+ die('0');
+ break;
+case 'delete-post' :
+ if ( !current_user_can( 'delete_post', $id ) )
+ die('-1');
+
+ if ( wp_delete_post( $id ) )
+ die('1');
+ else die('0');
+ break;
+case 'delete-page' :
+ if ( !current_user_can( 'delete_page', $id ) )
+ die('-1');
+
+ if ( wp_delete_post( $id ) )
+ die('1');
+ else die('0');
+ break;
+case 'dim-comment' :
+ if ( !$comment = get_comment( $id ) )
+ die('0');
+ if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+ die('-1');
+ if ( !current_user_can( 'moderate_comments' ) )
+ die('-1');
+
+ if ( 'unapproved' == wp_get_comment_status($comment->comment_ID) ) {
+ if ( wp_set_comment_status( $comment->comment_ID, 'approve' ) )
+ die('1');
+ } else {
+ if ( wp_set_comment_status( $comment->comment_ID, 'hold' ) )
+ die('1');
+ }
+ die('0');
+ break;
+case 'add-category' : // On the Fly
+ if ( !current_user_can( 'manage_categories' ) )
+ die('-1');
+ $names = explode(',', $_POST['newcat']);
+ $r = "";
+ foreach ( $names as $cat_name ) {
+ $cat_name = trim($cat_name);
+ if ( !$category_nicename = sanitize_title($cat_name) )
+ die('0');
+ if ( !$cat_id = category_exists( $cat_name ) )
+ $cat_id = wp_create_category( $cat_name );
+ $cat_name = wp_specialchars(stripslashes($cat_name));
+ $r .= "$cat_id";
+ $r .= "]]>";
+ }
+ $r .= '';
+ header('Content-type: text/xml');
+ die($r);
+ break;
+case 'add-cat' : // From Manage->Categories
+ if ( !current_user_can( 'manage_categories' ) )
+ die('-1');
+ if ( !$cat = wp_insert_category( $_POST ) )
+ die('0');
+ if ( !$cat = get_category( $cat ) )
+ die('0');
+ $pad = 0;
+ $_cat = $cat;
+ while ( $_cat->category_parent ) {
+ $_cat = get_category( $_cat->category_parent );
+ $pad++;
+ }
+ $pad = str_repeat('— ', $pad);
+
+ $r = "";
+ $r .= "$cat->cat_ID";
+ $r .= "$cat->cat_ID | $pad $cat->cat_name | ";
+ $r .= "$cat->category_description | $cat->category_count | $cat->link_count | ";
+ $r .= "" . __('Edit') . " | ";
+ $r .= "cat_name));
+ $r .= "\" );' class='delete'>".__('Delete')." |
";
+ $r .= "]]>";
+ header('Content-type: text/xml');
+ die($r);
+
+ break;
+case 'add-meta' :
+ if ( !current_user_can( 'edit_post', $id ) )
+ die('-1');
+ if ( $id < 0 ) {
+ if ( $pid = write_post() )
+ $meta = has_meta( $pid );
+ else
+ die('0');
+ $key = $meta[0]['meta_key'];
+ $value = $meta[0]['meta_value'];
+ $mid = (int) $meta[0]['meta_id'];
+ } else {
+ if ( $mid = add_meta( $id ) )
+ $meta = get_post_meta_by_id( $mid );
+ else
+ die('0');
+ $key = $meta->meta_key;
+ $value = $meta->meta_value;
+ $pid = (int) $meta->post_id;
+ }
+ $r = "";
+ $r .= wp_ajax_echo_meta( $pid, $mid, $key, $value );
+ $r .= '';
+ header('Content-type: text/xml');
+ die($r);
+ break;
+case 'update-meta' :
+ $mid = (int) array_pop(array_keys($_POST['meta']));
+ $key = $_POST['meta'][$mid]['key'];
+ $value = $_POST['meta'][$mid]['value'];
+ if ( !$meta = get_post_meta_by_id( $mid ) )
+ die('0');
+ if ( !current_user_can( 'edit_post', $meta->post_id ) )
+ die('-1');
+ $r = "";
+ if ( $u = update_meta( $mid, $key, $value ) ) {
+ $key = stripslashes($key);
+ $value = stripslashes($value);
+ $r .= wp_ajax_echo_meta( $meta->post_id, $mid, $key, $value );
+ }
+ $r .= '';
+ header('Content-type: text/xml');
+ die($r);
+ break;
+default :
+ die('0');
+ break;
+endswitch;
+?>
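Review bot: No request-origin check is visible anywhere in this handler: every state-changing case (`delete-comment`, `delete-post`, `delete-cat`, `delete-meta`, `add-cat`, `update-meta` and the rest) runs as soon as `current_user_can()` passes, so authorization rests on the session cookie alone and a forged cross-site POST from a logged-in administrator's browser would be honoured. The top of the file is garbled in this view, so confirm whether a nonce is verified there; if not, verify one before `switch ( $_POST['action'] )`, for example with WordPress's `check_admin_referer()`, and have the list JavaScript send it with each request. Separately, in `add-cat` the fields `$cat->cat_name` and `$cat->category_description` appear to be interpolated into the response row without `wp_specialchars()` (the markup is stripped here, so verify), unlike `wp_ajax_echo_meta()`, which escapes `$key` and `$value`.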
diff --git a/wp-admin/admin-db.php b/wp-admin/admin-db.php
index 62e7a0fc42..412a2f04b0 100644
--- a/wp-admin/admin-db.php
+++ b/wp-admin/admin-db.php
@@ -174,7 +174,8 @@ function wp_delete_category($cat_ID) {
$parent = $category->category_parent;
// Delete the category.
- $wpdb->query("DELETE FROM $wpdb->categories WHERE cat_ID = '$cat_ID'");
+ if ( !$wpdb->query("DELETE FROM $wpdb->categories WHERE cat_ID = '$cat_ID'") )
+ return 0;
// Update children to point to new parent.
$wpdb->query("UPDATE $wpdb->categories SET category_parent = '$parent' WHERE category_parent = '$cat_ID'");
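Review bot: `$cat_ID` is interpolated into the `DELETE` and the following `UPDATE` with no integer cast visible in this hunk, while the same commit adds `$mid = (int) $mid;` to `delete_meta()` and `update_meta()`. `wp_delete_category()` starts above the hunk, so check whether a cast already exists there; if not, add `$cat_ID = (int) $cat_ID;` at the top so the function does not depend on every caller casting the way the new AJAX handler does. The new `return 0` also covers both a query error and zero rows deleted; a short comment saying so would help callers that map it to the `'0'` response.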
diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index 4b7d5d2d11..6abfd57135 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -602,12 +602,12 @@ function get_nested_categories($default = 0, $parent = 0) {
function write_nested_categories($categories) {
foreach ($categories as $category) {
- echo '\n";
+ echo '
\n";
- if (isset ($category['children'])) {
- echo "\n\n";
+ if ( $category['children'] ) {
+ echo "\n";
write_nested_categories($category['children']);
- echo "
\n";
+ echo "\n";
}
}
}
@@ -626,7 +626,7 @@ function cat_rows($parent = 0, $level = 0, $categories = 0) {
if ($categories) {
foreach ($categories as $category) {
if ($category->category_parent == $parent) {
- $category->cat_name = wp_specialchars($category->cat_name);
+ $category->cat_name = wp_specialchars($category->cat_name,'double');
$pad = str_repeat('— ', $level);
if ( current_user_can('manage_categories') ) {
$edit = "".__('Edit')."";
@@ -634,7 +634,7 @@ function cat_rows($parent = 0, $level = 0, $categories = 0) {
$default_link_cat_id = get_option('default_link_category');
if ( ($category->cat_ID != $default_cat_id) && ($category->cat_ID != $default_link_cat_id) )
- $edit .= "cat_ID, '".sprintf(__("You are about to delete the category "%s". All of its posts and bookmarks will go to the default categories.\\n"OK" to delete, "Cancel" to stop."), wp_specialchars($category->cat_name, 1))."' );\" class='delete'>".__('Delete')."";
+ $edit .= " | cat_ID, '".sprintf(__("You are about to delete the category "%s". All of its posts and bookmarks will go to the default categories.\\n"OK" to delete, "Cancel" to stop."), addslashes($category->cat_name))."' );\" class='delete'>".__('Delete')."";
else
$edit .= " | ".__("Default");
}
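Review bot: `addslashes()` is not a JavaScript string escaper, and here it is the only thing guarding the category name inside the single-quoted script argument of a double-quoted `onclick` attribute. The value is protected only in combination with the `wp_specialchars($category->cat_name,'double')` assignment earlier in the loop (previous hunk), and that pairing may not cover line breaks or character references already present in the stored name, which the browser decodes before the script runs. Escape for the JavaScript string first and then for the HTML attribute in one place, or keep the name out of inline script and read it from the DOM instead. The same `addslashes(wp_specialchars($key, 'double'))` pairing is used for `$key_js` in `wp_ajax_echo_meta()` in admin-ajax.php. `cat_rows()` begins and ends outside this hunk.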
@@ -684,7 +684,7 @@ function page_rows($parent = 0, $level = 0, $pages = 0, $hierarchy = true) {
| post_modified); ?> |
|
" . __('Edit') . ""; } ?> |
- " . __('Delete') . ""; } ?> |
+ " . __('Delete') . ""; } ?> |
'; //TBODY needed for list-manipulation JS
return;
+ }
$count = 0;
?>
-
- ";
+ echo $r;
+ echo "\n\t";
}
// Get a list of previously defined keys
@@ -886,7 +890,7 @@ function meta_form() {
LIMIT 10");
?>
-
+
-
+
escape(stripslashes(trim($_POST['metakeyselect'])));
$metakeyinput = $wpdb->escape(stripslashes(trim($_POST['metakeyinput'])));
@@ -926,7 +931,7 @@ function add_meta($post_ID) {
// We have a key/value pair. If both the select and the
// input for the key have data, the input takes precedence:
- if ('#NONE#' != $metakeyselect)
+ if ('#NONE#' != $metakeyselect)
$metakey = $metakeyselect;
if ($metakeyinput)
@@ -937,21 +942,32 @@ function add_meta($post_ID) {
(post_id,meta_key,meta_value)
VALUES ('$post_ID','$metakey','$metavalue')
");
+ return $wpdb->insert_id;
}
+ return false;
} // add_meta
function delete_meta($mid) {
global $wpdb;
+ $mid = (int) $mid;
- $result = $wpdb->query("DELETE FROM $wpdb->postmeta WHERE meta_id = '$mid'");
+ return $wpdb->query("DELETE FROM $wpdb->postmeta WHERE meta_id = '$mid'");
}
function update_meta($mid, $mkey, $mvalue) {
global $wpdb;
+ $mid = (int) $mid;
return $wpdb->query("UPDATE $wpdb->postmeta SET meta_key = '$mkey', meta_value = '$mvalue' WHERE meta_id = '$mid'");
}
+function get_post_meta_by_id($mid) {
+ global $wpdb;
+ $mid = (int) $mid;
+
+ return $wpdb->get_row("SELECT * FROM $wpdb->postmeta WHERE meta_id = '$mid'");
+}
+
function touch_time($edit = 1, $for_post = 1) {
global $month, $post, $comment;
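Review bot: `update_meta()` gains a cast for `$mid` but still places `$mkey` and `$mvalue` straight into the `UPDATE`, so its safety depends on every caller passing already-escaped strings. The new `update-meta` AJAX case does route `$_POST` through `wp_clean_ajax_input()`, but nothing in the function states or enforces that contract; add a comment such as `// $mkey and $mvalue must already be SQL-escaped by the caller`, or escape inside the function if no caller pre-escapes. In `add_meta()`, `return $wpdb->insert_id;` is reached without checking the result of the `INSERT`, so a failed query could return a stale or zero id; the function starts above this hunk, so confirm against the full body.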
diff --git a/wp-admin/admin-header.php b/wp-admin/admin-header.php
index 3d9e4ee1c8..ddc8915b97 100644
--- a/wp-admin/admin-header.php
+++ b/wp-admin/admin-header.php
@@ -3,10 +3,13 @@
if (!isset($_GET["page"])) require_once('admin.php');
if ( $editing ) {
$dbx_js = true;
- if ( current_user_can('manage_categories') )
+ $pmeta_js = true;
+ if ( current_user_can('manage_categories') ) {
+ $list_js = true;
$cat_js = true;
+ }
}
-if ( $list_js || $cat_js )
+if ( $list_js )
$sack_js = true;
?>
@@ -29,7 +32,13 @@ function addLoadEvent(func) {if ( typeof wpOnload!='function'){wpOnload=func;}el
-
+
+
+
+
+
+
+
diff --git a/wp-admin/admin.php b/wp-admin/admin.php
index 6b04936cee..b80b1259b6 100644
--- a/wp-admin/admin.php
+++ b/wp-admin/admin.php
@@ -40,7 +40,7 @@ for ($i=0; $i
-var ajaxCat = new sack();
-var newcat;
-
+addLoadEvent(function(){catList=new listMan('categorychecklist');catList.ajaxRespEl='jaxcat';catList.clearInputs.push('newcat');});
+addLoadEvent(newCatAddIn);
function newCatAddIn() {
if ( !document.getElementById('jaxcat') ) return false;
var ajaxcat = document.createElement('span');
@@ -16,163 +15,21 @@ function newCatAddIn() {
newcat.id = 'newcat';
newcat.size = '16';
newcat.setAttribute('autocomplete', 'off');
- newcat.onkeypress = ajaxNewCatKeyPress;
+ newcat.onkeypress = function(e) { return killSubmit("catList.ajaxAdder('category','categorydiv');", e); };
var newcatSub = document.createElement('input');
newcatSub.type = 'button';
newcatSub.name = 'Button';
newcatSub.id = 'catadd';
- newcatSub.value = '';
- newcatSub.onclick = ajaxNewCat;
+ newcatSub.value = 'Add';
+ newcatSub.onclick = function() { catList.ajaxAdder('category', 'categorydiv'); };
ajaxcat.appendChild(newcat);
ajaxcat.appendChild(newcatSub);
document.getElementById('jaxcat').appendChild(ajaxcat);
howto = document.createElement('span');
- howto.innerHTML = '';
+ howto.innerHTML = "";
howto.id = 'howto';
ajaxcat.appendChild(howto);
}
-
-addLoadEvent(newCatAddIn);
-
-function getResponseElement() {
- var p = document.getElementById('ajaxcatresponse');
- if (!p) {
- p = document.createElement('span');
- document.getElementById('jaxcat').appendChild(p);
- p.id = 'ajaxcatresponse';
- }
- return p;
-}
-
-function newCatLoading() {
- var p = getResponseElement();
- p.innerHTML = '';
-}
-
-function newCatLoaded() {
- var p = getResponseElement();
- p.innerHTML = '';
-}
-
-function newCatInteractive() {
- var p = getResponseElement();
- p.innerHTML = '';
-}
-
-function newCatCompletion() {
- var p = getResponseElement();
- var id = 0;
- var ids = new Array();
- var names = new Array();
-
- ids = myPload( ajaxCat.response );
- names = myPload( newcat.value );
- for ( i = 0; i < ids.length; i++ ) {
- id = ids[i].replace(/[\n\r]+/g, "");
- if ( id == '-1' ) {
- p.innerHTML = "";
- return;
- }
- if ( id == '0' ) {
- p.innerHTML = "";
- return;
- }
-
- var exists = document.getElementById('category-' + id);
-
- if (exists) {
- var moveIt = exists.parentNode;
- var container = moveIt.parentNode;
- container.removeChild(moveIt);
- container.insertBefore(moveIt, container.firstChild);
- moveIt.id = 'new-category-' + id;
- exists.checked = 'checked';
- var nowClass = moveIt.className;
- moveIt.className = nowClass + ' fade';
- Fat.fade_all();
- moveIt.className = nowClass;
- } else {
- var catDiv = document.getElementById('categorychecklist');
- var newLabel = document.createElement('label');
- newLabel.setAttribute('for', 'category-' + id);
- newLabel.id = 'new-category-' + id;
- newLabel.className = 'selectit fade';
-
- var newCheck = document.createElement('input');
- newCheck.type = 'checkbox';
- newCheck.value = id;
- newCheck.name = 'post_category[]';
- newCheck.id = 'category-' + id;
- newLabel.appendChild(newCheck);
-
- var newLabelText = document.createTextNode(' ' + names[i]);
- newLabel.appendChild(newLabelText);
-
- catDiv.insertBefore(newLabel, catDiv.firstChild);
- newCheck.checked = 'checked';
-
- Fat.fade_all();
- newLabel.className = 'selectit';
- }
- newcat.value = '';
- }
- p.parentNode.removeChild(p);
-// var id = parseInt(ajaxCat.response, 10);
-}
-
-function ajaxNewCatKeyPress(e) {
- if (!e) {
- if (window.event) {
- e = window.event;
- } else {
- return;
- }
- }
- if (e.keyCode == 13) {
- ajaxNewCat();
- e.returnValue = false;
- e.cancelBubble = true;
- return false;
- }
-}
-
-function ajaxNewCat() {
- var newcat = document.getElementById('newcat');
- var split_cats = new Array(1);
- var catString = '';
-
- catString = 'ajaxnewcat=' + encodeURIComponent(newcat.value);
- ajaxCat.requestFile = 'edit-form-ajax-cat.php';
- ajaxCat.method = 'GET';
- ajaxCat.onLoading = newCatLoading;
- ajaxCat.onLoaded = newCatLoaded;
- ajaxCat.onInteractive = newCatInteractive;
- ajaxCat.onCompletion = newCatCompletion;
- ajaxCat.runAJAX(catString);
-}
-
-function myPload( str ) {
- var fixedExplode = new Array();
- var comma = new String(',');
- var count = 0;
- var currentElement = '';
-
- for( x=0; x < str.length; x++) {
- andy = str.charAt(x);
- if ( comma.indexOf(andy) != -1 ) {
- currentElement = currentElement.replace(new RegExp('^\\s*(.*?)\\s*$', ''), '$1'); // trim
- fixedExplode[count] = currentElement;
- currentElement = "";
- count++;
- } else {
- currentElement += andy;
- }
- }
-
- if ( currentElement != "" )
- fixedExplode[count] = currentElement;
- return fixedExplode;
-}
\ No newline at end of file
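Review bot: `newcat.onkeypress` hands `killSubmit()` a string of code (`"catList.ajaxAdder('category','categorydiv');"`), while `newcatSub.onclick` a few statements later passes the same call as a function. `killSubmit` is not defined in this diff view, but if it evaluates that string, use a closure for both handlers so that no code is built from text. The literal is constant here, yet custom-fields.js concatenates values into such strings and categories.js repeats the pattern. `newCatAddIn()` starts above this hunk.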
diff --git a/wp-admin/categories.js b/wp-admin/categories.js
new file mode 100644
index 0000000000..d339c5c6c3
--- /dev/null
+++ b/wp-admin/categories.js
@@ -0,0 +1,6 @@
+addLoadEvent(newCategoryAddIn);
+function newCategoryAddIn() {
+ if (!theList.theList) return false;
+ document.forms.addcat.submit.onclick = function(e) {return killSubmit('theList.ajaxAdder("cat", "addcat");', e); };
+ theList.clearInputs.push('cat_name','category_parent','category_description');
+}
diff --git a/wp-admin/categories.php b/wp-admin/categories.php
index 63284014ac..14e63f7227 100644
--- a/wp-admin/categories.php
+++ b/wp-admin/categories.php
@@ -3,7 +3,6 @@ require_once('admin.php');
$title = __('Categories');
$parent_file = 'edit.php';
-$list_js = true;
$wpvarstoreset = array('action','cat');
for ($i=0; $i
-
+
+
|
|
@@ -130,9 +131,12 @@ $messages[3] = __('Category updated.');
|
|
+
+
+
@@ -149,14 +153,14 @@ cat_rows();
diff --git a/wp-admin/custom-fields.js b/wp-admin/custom-fields.js
new file mode 100644
index 0000000000..5b9f479c4c
--- /dev/null
+++ b/wp-admin/custom-fields.js
@@ -0,0 +1,25 @@
+addLoadEvent(customFieldsAddIn);
+function customFieldsAddIn() {
+ if (!theList.theList) return false;
+ inputs = theList.theList.getElementsByTagName('input');
+ for ( var i=0; i < inputs.length; i++ ) {
+ if ('text' == inputs[i].type) {
+ inputs[i].setAttribute('autocomplete', 'off');
+ inputs[i].onkeypress = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.name.slice(5),10) + '");', e); };
+ }
+ if ('updatemeta' == inputs[i].className) {
+ inputs[i].onclick = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.parentNode.parentNode.id.slice(5),10) + '");', e); };
+ }
+ }
+
+ document.getElementById('metakeyinput').onkeypress = function(e) {return killSubmit('theList.inputData+="&id="+document.getElementById("post_ID").value;theList.ajaxAdder("meta", "newmeta", customFieldsOnComplete);', e); };
+ document.getElementById('updatemetasub').onclick = function(e) {return killSubmit('theList.inputData+="&id="+document.getElementById("post_ID").value;theList.ajaxAdder("meta", "newmeta", customFieldsOnComplete);', e); };
+ theList.clearInputs.push('metakeyselect','metakeyinput','metavalue');
+}
+function customFieldsOnComplete() {
+ var pidEl = document.getElementById('post_ID');
+ pidEl.name = 'post_ID';
+ pidEl.value = getNodeValue(theList.ajaxAdd.responseXML, 'postid');
+ var aEl = document.getElementById('hiddenaction')
+ if ( aEl.value == 'post' ) aEl.value = 'postajaxpost';
+}
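Review bot: `inputs` in `customFieldsAddIn()` is assigned without `var`, so it becomes a global that any other script on the admin page can overwrite; declare it with `var inputs = theList.theList.getElementsByTagName('input');`. The handlers also assemble code strings for `killSubmit()` by concatenation; `parseInt(..., 10)` keeps the interpolated part numeric, but a non-numeric name or id yields `meta-NaN`, so checking the parsed value before building the call would be safer. `var aEl = document.getElementById('hiddenaction')` in `customFieldsOnComplete()` is missing its semicolon.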
diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php
index 632f2099d8..b4e946a608 100644
--- a/wp-admin/edit-comments.php
+++ b/wp-admin/edit-comments.php
@@ -133,13 +133,13 @@ if ('view' == $mode) {
|
-
+
@@ -162,19 +162,28 @@ if ('view' == $mode) {
';
foreach ($comments as $comment) {
$authordata = get_userdata($wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $comment->comment_post_ID"));
+ $comment_status = wp_get_comment_status($comment->comment_ID);
$class = ('alternate' == $class) ? '' : 'alternate';
+ $class .= ('unapproved' == $comment_status) ? ' unapproved' : '';
?>
-
+
'); return false } return confirm('')" />
')" />
+
diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php
index 5ef39cc013..504a8565c6 100644
--- a/wp-admin/edit-form-advanced.php
+++ b/wp-admin/edit-form-advanced.php
@@ -21,10 +21,10 @@ $messages[3] = __('Custom field deleted.');
if (0 == $post_ID) {
$form_action = 'post';
$temp_ID = -1 * time();
- $form_extra = "";
+ $form_extra = "";
} else {
$form_action = 'editpost';
- $form_extra = "";
+ $form_extra = "";
}
$form_pingback = '';
@@ -49,7 +49,7 @@ if (empty($post->post_status)) $post->post_status = 'draft';
?>
-
+
@@ -72,7 +72,7 @@ addLoadEvent(focusit);
+