enmi-conf.org: comparison wp/wp-admin/includes/post.php

equal deleted inserted replaced

-:346c88efed21
+:5e2f62d02dcd
 			else
 				return new WP_Error( 'edit_others_posts', __( 'You are not allowed to create posts as this user.' ) );
 		}
 	}
-	if ( ! empty( $post_data['post_status'] ) )
+	if ( ! empty( $post_data['post_status'] ) ) {
 		$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
+		// No longer an auto-draft
+		if ( 'auto-draft' === $post_data['post_status'] ) {
+			$post_data['post_status'] = 'draft';
+		}
+		if ( ! get_post_status_object( $post_data['post_status'] ) ) {
+			unset( $post_data['post_status'] );
+		}
+	}
 	// What to do based on which button they pressed
 	if ( isset($post_data['saveasdraft']) && '' != $post_data['saveasdraft'] )
 		$post_data['post_status'] = 'draft';
 	if ( isset($post_data['saveasprivate']) && '' != $post_data['saveasprivate'] )
 		$post_id = $post_data['ID'];
 	else
 		$post_id = false;
 	$previous_status = $post_id ? get_post_field( 'post_status', $post_id ) : false;
+	if ( isset( $post_data['post_status'] ) && 'private' == $post_data['post_status'] && ! current_user_can( $ptype->cap->publish_posts ) ) {
+		$post_data['post_status'] = $previous_status ? $previous_status : 'pending';
+	}
 	$published_statuses = array( 'publish', 'future' );
 	// Posts 'submitted for approval' present are submitted to $_POST the same as if they were being published.
 	// Change status from 'publish' to 'pending' if user lacks permissions to publish or to resave published posts.
 	if ( isset($post_data['post_status']) && (in_array( $post_data['post_status'], $published_statuses ) && !current_user_can( $ptype->cap->publish_posts )) )
 		if ( ! in_array( $previous_status, $published_statuses ) || !current_user_can( 'edit_post', $post_id ) )
 			$post_data['post_status'] = 'pending';
-	if ( ! isset($post_data['post_status']) )
+	if ( ! isset( $post_data['post_status'] ) ) {
-		$post_data['post_status'] = $previous_status;
+		$post_data['post_status'] = 'auto-draft' === $previous_status ? 'draft' : $previous_status;
+	}
+	if ( isset( $post_data['post_password'] ) && ! current_user_can( $ptype->cap->publish_posts ) ) {
+		unset( $post_data['post_password'] );
+	}
 	if (!isset( $post_data['comment_status'] ))
 		$post_data['comment_status'] = 'closed';
 	if (!isset( $post_data['ping_status'] ))
 *
 * @param array $post_data Optional.
 * @return int Post ID.
 */
 function edit_post( $post_data = null ) {
+	global $wpdb;
 	if ( empty($post_data) )
 		$post_data = &$_POST;
 	// Clear out any data in internal vars.
 	$post_ID = (int) $post_data['post_ID'];
 	$post = get_post( $post_ID );
 	$post_data['post_type'] = $post->post_type;
 	$post_data['post_mime_type'] = $post->post_mime_type;
+	if ( ! empty( $post_data['post_status'] ) ) {
+		$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
+		if ( 'inherit' == $post_data['post_status'] ) {
+			unset( $post_data['post_status'] );
+		}
+	}
 	$ptype = get_post_type_object($post_data['post_type']);
 	if ( !current_user_can( 'edit_post', $post_ID ) ) {
 		if ( 'page' == $post_data['post_type'] )
 			wp_die( __('You are not allowed to edit this page.' ));
 		$revision = current( $revisions );
 		// Check if the revisions have been upgraded
 		if ( $revisions && _wp_get_post_revision_version( $revision ) < 1 )
 			_wp_upgrade_revisions_of_post( $post, wp_get_post_revisions( $post_ID ) );
-	}
-	$post_data = _wp_translate_postdata( true, $post_data );
-	if ( is_wp_error($post_data) )
-		wp_die( $post_data->get_error_message() );
-	if ( ( empty( $post_data['action'] ) || 'autosave' != $post_data['action'] ) && 'auto-draft' == $post_data['post_status'] ) {
-		$post_data['post_status'] = 'draft';
 	}
 	if ( isset($post_data['visibility']) ) {
 		switch ( $post_data['visibility'] ) {
 			case 'public' :
 				unset( $post_data['sticky'] );
 				break;
 		}
 	}
+	$post_data = _wp_translate_postdata( true, $post_data );
+	if ( is_wp_error($post_data) )
+		wp_die( $post_data->get_error_message() );
 	// Post Formats
 	if ( isset( $post_data['post_format'] ) )
 		set_post_format( $post_ID, $post_data['post_format'] );
 	$format_meta_urls = array( 'url', 'link_url', 'quote_source_url' );
 			if ( current_user_can( 'unfiltered_html' ) )
 				update_post_meta( $post_ID, $keyed, $post_data[ $keyed ] );
 			else
 				update_post_meta( $post_ID, $keyed, wp_filter_post_kses( $post_data[ $keyed ] ) );
 		}
+	}
+	if ( 'attachment' === $post_data['post_type'] && preg_match( '#^(audio|video)/#', $post_data['post_mime_type'] ) ) {
+		$id3data = wp_get_attachment_metadata( $post_ID );
+		if ( ! is_array( $id3data ) ) {
+			$id3data = array();
+		}
+		foreach ( wp_get_attachment_id3_keys( $post, 'edit' ) as $key => $label ) {
+			if ( isset( $post_data[ 'id3_' . $key ] ) ) {
+				$id3data[ $key ] = sanitize_text_field( wp_unslash( $post_data[ 'id3_' . $key ] ) );
+			}
+		}
+		wp_update_attachment_metadata( $post_ID, $id3data );
 	}
 	// Meta Stuff
 	if ( isset($post_data['meta']) && $post_data['meta'] ) {
 		foreach ( $post_data['meta'] as $key => $value ) {
 	if ( 'attachment' == $post_data['post_type'] ) {
 		if ( isset( $post_data[ '_wp_attachment_image_alt' ] ) ) {
 			$image_alt = wp_unslash( $post_data['_wp_attachment_image_alt'] );
 			if ( $image_alt != get_post_meta( $post_ID, '_wp_attachment_image_alt', true ) ) {
 				$image_alt = wp_strip_all_tags( $image_alt, true );
-				// update_meta expects slashed
+				// update_meta expects slashed.
 				update_post_meta( $post_ID, '_wp_attachment_image_alt', wp_slash( $image_alt ) );
 			}
 		}
 		$attachment_data = isset( $post_data['attachments'][ $post_ID ] ) ? $post_data['attachments'][ $post_ID ] : array();
 		/** This filter is documented in wp-admin/includes/media.php */
 		$post_data = apply_filters( 'attachment_fields_to_save', $post_data, $attachment_data );
 	}
+	// Convert taxonomy input to term IDs, to avoid ambiguity.
+	if ( isset( $post_data['tax_input'] ) ) {
+		foreach ( (array) $post_data['tax_input'] as $taxonomy => $terms ) {
+			// Hierarchical taxonomy data is already sent as term IDs, so no conversion is necessary.
+			if ( is_taxonomy_hierarchical( $taxonomy ) ) {
+				continue;
+			}
+			/*
+			 * Assume that a 'tax_input' string is a comma-separated list of term names.
+			 * Some languages may use a character other than a comma as a delimiter, so we standardize on
+			 * commas before parsing the list.
+			 */
+			if ( ! is_array( $terms ) ) {
+				$comma = _x( ',', 'tag delimiter' );
+				if ( ',' !== $comma ) {
+					$terms = str_replace( $comma, ',', $terms );
+				}
+				$terms = explode( ',', trim( $terms, " \n\t\r\0\x0B," ) );
+			}
+			$clean_terms = array();
+			foreach ( $terms as $term ) {
+				// Empty terms are invalid input.
+				if ( empty( $term ) ) {
+					continue;
+				}
+				$_term = get_terms( $taxonomy, array(
+					'name' => $term,
+					'fields' => 'ids',
+					'hide_empty' => false,
+				) );
+				if ( ! empty( $_term ) ) {
+					$clean_terms[] = intval( $_term[0] );
+				} else {
+					// No existing term was found, so pass the string. A new term will be created.
+					$clean_terms[] = $term;
+				}
+			}
+			$post_data['tax_input'][ $taxonomy ] = $clean_terms;
+		}
+	}
 	add_meta( $post_ID );
 	update_post_meta( $post_ID, '_edit_last', get_current_user_id() );
-	wp_update_post( $post_data );
+	$success = wp_update_post( $post_data );
+	// If the save failed, see if we can sanity check the main fields and try again
+	if ( ! $success && is_callable( array( $wpdb, 'strip_invalid_text_for_column' ) ) ) {
+		$fields = array( 'post_title', 'post_content', 'post_excerpt' );
+		foreach( $fields as $field ) {
+			if ( isset( $post_data[ $field ] ) ) {
+				$post_data[ $field ] = $wpdb->strip_invalid_text_for_column( $wpdb->posts, $field, $post_data[ $field ] );
+			}
+		}
+		wp_update_post( $post_data );
+	}
 	// Now that we have an ID we can fix any attachment anchor hrefs
 	_fix_attachment_links( $post_ID );
 	wp_set_post_lock( $post_ID );
 		unset($post_data['post_status']);
 	} else {
 		$post_data['post_status'] = $post_data['_status'];
 	}
 	unset($post_data['_status']);
+	if ( ! empty( $post_data['post_status'] ) ) {
+		$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
+		if ( 'inherit' == $post_data['post_status'] ) {
+			unset( $post_data['post_status'] );
+		}
+	}
 	$post_IDs = array_map( 'intval', (array) $post_data['post'] );
 	$reset = array(
 		'post_author', 'post_status', 'post_password',
 			}
 		}
 	}
 	$updated = $skipped = $locked = array();
+	$shared_post_data = $post_data;
 	foreach ( $post_IDs as $post_ID ) {
+		// Start with fresh post data with each iteration.
+		$post_data = $shared_post_data;
 		$post_type_object = get_post_type_object( get_post_type( $post_ID ) );
 		if ( !isset( $post_type_object ) || ( isset($children) && in_array($post_ID, $children) ) || !current_user_can( 'edit_post', $post_ID ) ) {
 			$skipped[] = $post_ID;
 			continue;
 			$cats = (array) wp_get_post_categories($post_ID);
 			$post_data['post_category'] = array_unique( array_merge($cats, $new_cats) );
 			unset( $post_data['tax_input']['category'] );
 		}
+		$post_data['post_type'] = $post->post_type;
 		$post_data['post_mime_type'] = $post->post_mime_type;
 		$post_data['guid'] = $post->guid;
+		foreach ( array( 'comment_status', 'ping_status', 'post_author' ) as $field ) {
+			if ( ! isset( $post_data[ $field ] ) ) {
+				$post_data[ $field ] = $post->$field;
+			}
+		}
 		$post_data['ID'] = $post_ID;
+		$post_data['post_ID'] = $post_ID;
+		$post_data = _wp_translate_postdata( true, $post_data );
+		if ( is_wp_error( $post_data ) ) {
+			$skipped[] = $post_ID;
+			continue;
+		}
 		$updated[] = wp_update_post( $post_data );
 		if ( isset( $post_data['sticky'] ) && current_user_can( $ptype->cap->edit_others_posts ) ) {
 			if ( 'sticky' == $post_data['sticky'] )
 				stick_post( $post_ID );
 *
 * @param string $post_type A post type string, defaults to 'post'.
 * @return WP_Post Post object containing all the default post data as attributes
 */
 function get_default_post_to_edit( $post_type = 'post', $create_in_db = false ) {
-	global $wpdb;
 	$post_title = '';
 	if ( !empty( $_REQUEST['post_title'] ) )
 		$post_title = esc_html( wp_unslash( $_REQUEST['post_title'] ));
 	$post_content = '';
 		$post->ID = 0;
 		$post->post_author = '';
 		$post->post_date = '';
 		$post->post_date_gmt = '';
 		$post->post_password = '';
+		$post->post_name = '';
 		$post->post_type = $post_type;
 		$post->post_status = 'draft';
 		$post->to_ping = '';
 		$post->pinged = '';
 		$post->comment_status = get_option( 'default_comment_status' );
 		$post->post_parent = 0;
 		$post->menu_order = 0;
 		$post = new WP_Post( $post );
 	}
+	/**
+	 * Filter the default post content initially used in the "Write Post" form.
+	 *
+	 * @since 1.5.0
+	 *
+	 * @param string  $post_content Default post content.
+	 * @param WP_Post $post         Post object.
+	 */
 	$post->post_content = apply_filters( 'default_content', $post_content, $post );
-	$post->post_title   = apply_filters( 'default_title',   $post_title, $post   );
+	/**
+	 * Filter the default post title initially used in the "Write Post" form.
+	 *
+	 * @since 1.5.0
+	 *
+	 * @param string  $post_title Default post title.
+	 * @param WP_Post $post       Post object.
+	 */
+	$post->post_title = apply_filters( 'default_title', $post_title, $post );
+	/**
+	 * Filter the default post excerpt initially used in the "Write Post" form.
+	 *
+	 * @since 1.5.0
+	 *
+	 * @param string  $post_excerpt Default post excerpt.
+	 * @param WP_Post $post         Post object.
+	 */
 	$post->post_excerpt = apply_filters( 'default_excerpt', $post_excerpt, $post );
-	$post->post_name = '';
 	return $post;
 }
 /**
 /**
 * Creates a new post from the "Write Post" form using $_POST information.
 *
 * @since 2.1.0
 *
-* @return unknown
+* @return int|WP_Error
 */
 function wp_write_post() {
 	if ( isset($_POST['post_type']) )
 		$ptype = get_post_type_object($_POST['post_type']);
 	else
 	unset( $_POST['filter'] );
 	// Edit don't write if we have a post id.
 	if ( isset( $_POST['post_ID'] ) )
 		return edit_post();
-	$translated = _wp_translate_postdata( false );
-	if ( is_wp_error($translated) )
-		return $translated;
 	if ( isset($_POST['visibility']) ) {
 		switch ( $_POST['visibility'] ) {
 			case 'public' :
 				$_POST['post_password'] = '';
 				unset( $_POST['sticky'] );
 				break;
 		}
 	}
+	$translated = _wp_translate_postdata( false );
+	if ( is_wp_error($translated) )
+		return $translated;
 	// Create the post.
 	$post_ID = wp_insert_post( $_POST );
 	if ( is_wp_error( $post_ID ) )
 		return $post_ID;
 /**
 * Calls wp_write_post() and handles the errors.
 *
 * @since 2.0.0
+*
-* @uses wp_write_post()
+* @return int|null
-* @uses is_wp_error()
-* @uses wp_die()
-* @return unknown
 */
 function write_post() {
 	$result = wp_write_post();
 	if ( is_wp_error( $result ) )
 		wp_die( $result->get_error_message() );
 //
 // Post Meta
 //
 /**
-* {@internal Missing Short Description}}
+* Add post meta data defined in $_POST superglobal for post with given ID.
 *
 * @since 1.2.0
 *
-* @param unknown_type $post_ID
+* @param int $post_ID
-* @return unknown
+* @return int|bool
 */
 function add_meta( $post_ID ) {
-	global $wpdb;
 	$post_ID = (int) $post_ID;
 	$metakeyselect = isset($_POST['metakeyselect']) ? wp_unslash( trim( $_POST['metakeyselect'] ) ) : '';
 	$metakeyinput = isset($_POST['metakeyinput']) ? wp_unslash( trim( $_POST['metakeyinput'] ) ) : '';
 	$metavalue = isset($_POST['metavalue']) ? $_POST['metavalue'] : '';
 	if ( is_string( $metavalue ) )
 		$metavalue = trim( $metavalue );
 	if ( ('0' === $metavalue || ! empty ( $metavalue ) ) && ( ( ( '#NONE#' != $metakeyselect ) && !empty ( $metakeyselect) ) || !empty ( $metakeyinput ) ) ) {
-		// We have a key/value pair. If both the select and the
+		/*
-		// input for the key have data, the input takes precedence:
+		 * We have a key/value pair. If both the select and the input
+		 * for the key have data, the input takes precedence.
+		 */
 		if ( '#NONE#' != $metakeyselect )
 			$metakey = $metakeyselect;
 		if ( $metakeyinput )
 			$metakey = $metakeyinput; // default
 	return false;
 } // add_meta
 /**
-* {@internal Missing Short Description}}
+* Delete post meta data by meta ID.
 *
 * @since 1.2.0
 *
-* @param unknown_type $mid
+* @param int $mid
-* @return unknown
+* @return bool
 */
 function delete_meta( $mid ) {
 	return delete_metadata_by_mid( 'post' , $mid );
 }
 /**
 * Get a list of previously defined keys.
 *
 * @since 1.2.0
 *
-* @return unknown
+* @return mixed
 */
 function get_meta_keys() {
 	global $wpdb;
 	$keys = $wpdb->get_col( "
 	return $keys;
 }
 /**
-* {@internal Missing Short Description}}
+* Get post meta data by meta ID.
 *
 * @since 2.1.0
 *
-* @param unknown_type $mid
+* @param int $mid
-* @return unknown
+* @return object|bool
 */
 function get_post_meta_by_id( $mid ) {
 	return get_metadata_by_mid( 'post', $mid );
 }
 /**
-* {@internal Missing Short Description}}
+* Get meta data for the given post ID.
-*
-* Some postmeta stuff.
 *
 * @since 1.2.0
 *
-* @param unknown_type $postid
+* @param int $postid
-* @return unknown
+* @return mixed
 */
 function has_meta( $postid ) {
 	global $wpdb;
 	return $wpdb->get_results( $wpdb->prepare("SELECT meta_key, meta_value, meta_id, post_id
 			FROM $wpdb->postmeta WHERE post_id = %d
 			ORDER BY meta_key,meta_id", $postid), ARRAY_A );
 }
 /**
-* {@internal Missing Short Description}}
+* Update post meta data by meta ID.
 *
 * @since 1.2.0
 *
-* @param unknown_type $meta_id
+* @param int    $meta_id
-* @param unknown_type $meta_key Expect Slashed
+* @param string $meta_key Expect Slashed
-* @param unknown_type $meta_value Expect Slashed
+* @param string $meta_value Expect Slashed
-* @return unknown
+* @return bool
 */
 function update_meta( $meta_id, $meta_key, $meta_value ) {
 	$meta_key = wp_unslash( $meta_key );
 	$meta_value = wp_unslash( $meta_value );
 		$post['post_content'] = $content;
 		// Escape data pulled from DB.
 		$post = add_magic_quotes($post);
 		return wp_update_post($post);
-	}
-}
-/**
-* Move child posts to a new parent.
-*
-* @since 2.3.0
-* @access private
-*
-* @param unknown_type $old_ID
-* @param unknown_type $new_ID
-* @return unknown
-*/
-function _relocate_children( $old_ID, $new_ID ) {
-	global $wpdb;
-	$old_ID = (int) $old_ID;
-	$new_ID = (int) $new_ID;
-	$children = $wpdb->get_col( $wpdb->prepare("
-		SELECT post_id
-		FROM $wpdb->postmeta
-		WHERE meta_key = '_wp_attachment_temp_parent'
-		AND meta_value = %d", $old_ID) );
-	foreach ( $children as $child_id ) {
-		$wpdb->update($wpdb->posts, array('post_parent' => $new_ID), array('ID' => $child_id) );
-		delete_post_meta($child_id, '_wp_attachment_temp_parent');
 	}
 }
 /**
 * Get all the possible statuses for a post_type
 	if ( isset($q['order']) )
 		$order = $q['order'];
 	elseif ( isset($q['post_status']) && 'pending' == $q['post_status'] )
 		$order = 'ASC';
-	$per_page = 'edit_' . $post_type . '_per_page';
+	$per_page = "edit_{$post_type}_per_page";
 	$posts_per_page = (int) get_user_option( $per_page );
 	if ( empty( $posts_per_page ) || $posts_per_page < 1 )
 		$posts_per_page = 20;
-	$posts_per_page = apply_filters( $per_page, $posts_per_page );
+	/**
+	 * Filter the number of items per page to show for a specific 'per_page' type.
+	 *
+	 * The dynamic portion of the hook name, `$post_type`, refers to the post type.
+	 *
+	 * Some examples of filter hooks generated here include: 'edit_attachment_per_page',
+	 * 'edit_post_per_page', 'edit_page_per_page', etc.
+	 *
+	 * @since 3.0.0
+	 *
+	 * @param int $posts_per_page Number of posts to display per page for the given post
+	 *                            type. Default 20.
+	 */
+	$posts_per_page = apply_filters( "edit_{$post_type}_per_page", $posts_per_page );
+	/**
+	 * Filter the number of posts displayed per page when specifically listing "posts".
+	 *
+	 * @since 2.8.0
+	 *
+	 * @param int    $posts_per_page Number of posts to be displayed. Default 20.
+	 * @param string $post_type      The post type.
+	 */
 	$posts_per_page = apply_filters( 'edit_posts_per_page', $posts_per_page, $post_type );
 	$query = compact('post_type', 'post_status', 'perm', 'order', 'orderby', 'posts_per_page');
 	// Hierarchical types require special args.
 	if ( is_post_type_hierarchical( $post_type ) && !isset($orderby) ) {
 		$query['orderby'] = 'menu_order title';
 		$query['order'] = 'asc';
 		$query['posts_per_page'] = -1;
 		$query['posts_per_archive_page'] = -1;
+		$query['fields'] = 'id=>parent';
 	}
 	if ( ! empty( $q['show_sticky'] ) )
 		$query['post__in'] = (array) get_option( 'sticky_posts' );
 	return $avail_post_stati;
 }
 /**
-* {@internal Missing Short Description}}
+* Get all available post MIME types for a given post type.
 *
 * @since 2.5.0
 *
-* @param unknown_type $type
+* @param string $type
-* @return unknown
+* @return mixed
 */
 function get_available_post_mime_types($type = 'attachment') {
 	global $wpdb;
 	$types = $wpdb->get_col($wpdb->prepare("SELECT DISTINCT post_mime_type FROM $wpdb->posts WHERE post_type = %s", $type));
 	return $types;
 }
 /**
-* Executes a query for attachments. An array of WP_Query arguments
+* Get the query variables for the current attachments request.
-* can be passed in, which will override the arguments set by this function.
+*
-*
+* @since 4.2.0
-* @since 2.5.0
+*
-* @uses apply_filters() Calls 'upload_per_page' on posts_per_page argument
+* @param array|false $q Optional. Array of query variables to use to build the query or false
-*
+*                       to use $_GET superglobal. Default false.
-* @param array|bool $q Array of query variables to use to build the query or false to use $_GET superglobal.
+* @return array The parsed query vars.
-* @return array
+*/
-*/
+function wp_edit_attachments_query_vars( $q = false ) {
-function wp_edit_attachments_query( $q = false ) {
+	if ( false === $q ) {
-	if ( false === $q )
 		$q = $_GET;
+	}
 	$q['m']   = isset( $q['m'] ) ? (int) $q['m'] : 0;
 	$q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0;
 	$q['post_type'] = 'attachment';
 	$post_type = get_post_type_object( 'attachment' );
 	$states = 'inherit';
-	if ( current_user_can( $post_type->cap->read_private_posts ) )
+	if ( current_user_can( $post_type->cap->read_private_posts ) ) {
 		$states .= ',private';
+	}
 	$q['post_status'] = isset( $q['status'] ) && 'trash' == $q['status'] ? 'trash' : $states;
+	$q['post_status'] = isset( $q['attachment-filter'] ) && 'trash' == $q['attachment-filter'] ? 'trash' : $states;
 	$media_per_page = (int) get_user_option( 'upload_per_page' );
-	if ( empty( $media_per_page ) || $media_per_page < 1 )
+	if ( empty( $media_per_page ) || $media_per_page < 1 ) {
 		$media_per_page = 20;
+	}
+	/**
+	 * Filter the number of items to list per page when listing media items.
+	 *
+	 * @since 2.9.0
+	 *
+	 * @param int $media_per_page Number of media to list. Default 20.
+	 */
 	$q['posts_per_page'] = apply_filters( 'upload_per_page', $media_per_page );
 	$post_mime_types = get_post_mime_types();
-	$avail_post_mime_types = get_available_post_mime_types('attachment');
+	if ( isset($q['post_mime_type']) && !array_intersect( (array) $q['post_mime_type'], array_keys($post_mime_types) ) ) {
-	if ( isset($q['post_mime_type']) && !array_intersect( (array) $q['post_mime_type'], array_keys($post_mime_types) ) )
 		unset($q['post_mime_type']);
+	}
-	if ( isset($q['detached']) )
-		add_filter('posts_where', '_edit_attachments_query_helper');
+	foreach( array_keys( $post_mime_types ) as $type ) {
+		if ( isset( $q['attachment-filter'] ) && "post_mime_type:$type" == $q['attachment-filter'] ) {
-	wp( $q );
+			$q['post_mime_type'] = $type;
+			break;
-	if ( isset($q['detached']) )
+		}
-		remove_filter('posts_where', '_edit_attachments_query_helper');
+	}
-	return array($post_mime_types, $avail_post_mime_types);
+	if ( isset( $q['detached'] ) || ( isset( $q['attachment-filter'] ) && 'detached' == $q['attachment-filter'] ) ) {
-}
+		$q['post_parent'] = 0;
+	}
-function _edit_attachments_query_helper($where) {
-	global $wpdb;
+	return $q;
-	return $where .= " AND {$wpdb->posts}.post_parent < 1";
+}
+/**
+* Executes a query for attachments. An array of WP_Query arguments
+* can be passed in, which will override the arguments set by this function.
+*
+* @since 2.5.0
+*
+* @param array|false $q Array of query variables to use to build the query or false to use $_GET superglobal.
+* @return array
+*/
+function wp_edit_attachments_query( $q = false ) {
+	wp( wp_edit_attachments_query_vars( $q ) );
+	$post_mime_types = get_post_mime_types();
+	$avail_post_mime_types = get_available_post_mime_types( 'attachment' );
+	return array( $post_mime_types, $avail_post_mime_types );
 }
 /**
 * Returns the list of classes to be used by a metabox
 *
-* @uses get_user_option()
 * @since 2.5.0
 *
-* @param unknown_type $id
+* @param string $id
-* @param unknown_type $page
+* @param string $page
-* @return unknown
+* @return string
 */
 function postbox_classes( $id, $page ) {
 	if ( isset( $_GET['edit'] ) && $_GET['edit'] == $id ) {
 		$classes = array( '' );
 	} elseif ( $closed = get_user_option('closedpostboxes_'.$page ) ) {
 		}
 	} else {
 		$classes = array( '' );
 	}
+	/**
+	 * Filter the postbox classes for a specific screen and screen ID combo.
+	 *
+	 * The dynamic portions of the hook name, `$page` and `$id`, refer to
+	 * the screen and screen ID, respectively.
+	 *
+	 * @since 3.2.0
+	 *
+	 * @param array $classes An array of postbox classes.
+	 */
 	$classes = apply_filters( "postbox_classes_{$page}_{$id}", $classes );
 	return implode( ' ', $classes );
 }
 /**
-* {@internal Missing Short Description}}
+* Get a sample permalink based off of the post name.
 *
 * @since 2.5.0
 *
-* @param int|object $id    Post ID or post object.
+* @param int    $id    Post ID or post object.
-* @param string $title (optional) Title
+* @param string $title Optional. Title. Default null.
-* @param string $name (optional) Name
+* @param string $name  Optional. Name. Default null.
-* @return array With two entries of type string
+* @return array Array with two entries of type string.
 */
 function get_sample_permalink($id, $title = null, $name = null) {
 	$post = get_post( $id );
 	if ( ! $post )
 		return array( '', '' );
 	$original_status = $post->post_status;
 	$original_date = $post->post_date;
 	$original_name = $post->post_name;
 	// Hack: get_permalink() would return ugly permalink for drafts, so we will fake that our post is published.
-	if ( in_array( $post->post_status, array( 'draft', 'pending' ) ) ) {
+	if ( in_array( $post->post_status, array( 'draft', 'pending', 'future' ) ) ) {
 		$post->post_status = 'publish';
 		$post->post_name = sanitize_title($post->post_name ? $post->post_name : $post->post_title, $post->ID);
 	}
 	// If the user wants to set a new name -- override the current one
 	$permalink = str_replace("%$post->post_type%", '%pagename%', $permalink);
 	// Handle page hierarchy
 	if ( $ptype->hierarchical ) {
 		$uri = get_page_uri($post);
-		$uri = untrailingslashit($uri);
+		if ( $uri ) {
-		$uri = strrev( stristr( strrev( $uri ), '/' ) );
+			$uri = untrailingslashit($uri);
-		$uri = untrailingslashit($uri);
+			$uri = strrev( stristr( strrev( $uri ), '/' ) );
+			$uri = untrailingslashit($uri);
+		}
+		/** This filter is documented in wp-admin/edit-tag-form.php */
 		$uri = apply_filters( 'editable_slug', $uri );
 		if ( !empty($uri) )
 			$uri .= '/';
 		$permalink = str_replace('%pagename%', "{$uri}%pagename%", $permalink);
 	}
-	$permalink = array($permalink, apply_filters('editable_slug', $post->post_name));
+	/** This filter is documented in wp-admin/edit-tag-form.php */
+	$permalink = array( $permalink, apply_filters( 'editable_slug', $post->post_name ) );
 	$post->post_status = $original_status;
 	$post->post_date = $original_date;
 	$post->post_name = $original_name;
 	unset($post->filter);
 /**
 * Returns the HTML of the sample permalink slug editor.
 *
 * @since 2.5.0
 *
-* @param int|object $id Post ID or post object.
+* @param int    $id        Post ID or post object.
-* @param string $new_title Optional. New title.
+* @param string $new_title Optional. New title. Default null.
-* @param string $new_slug Optional. New slug.
+* @param string $new_slug  Optional. New slug. Default null.
 * @return string The HTML of the sample permalink slug editor.
 */
 function get_sample_permalink_html( $id, $new_title = null, $new_slug = null ) {
 	$post = get_post( $id );
 	if ( ! $post )
 		return '';
 	list($permalink, $post_name) = get_sample_permalink($post->ID, $new_title, $new_slug);
+	if ( current_user_can( 'read_post', $post->ID ) ) {
+		$ptype = get_post_type_object( $post->post_type );
+		$view_post = $ptype->labels->view_item;
+	}
 	if ( 'publish' == get_post_status( $post ) ) {
-		$ptype = get_post_type_object($post->post_type);
-		$view_post = $ptype->labels->view_item;
 		$title = __('Click to edit this part of the permalink');
 	} else {
 		$title = __('Temporary permalink. Click to edit this part.');
 	}
-	if ( false === strpos($permalink, '%postname%') && false === strpos($permalink, '%pagename%') ) {
+	if ( false === strpos( $permalink, '%postname%' ) && false === strpos( $permalink, '%pagename%' ) ) {
 		$return = '<strong>' . __('Permalink:') . "</strong>\n" . '<span id="sample-permalink" tabindex="-1">' . $permalink . "</span>\n";
-		if ( '' == get_option( 'permalink_structure' ) && current_user_can( 'manage_options' ) && !( 'page' == get_option('show_on_front') && $id == get_option('page_on_front') ) )
+		if ( '' == get_option( 'permalink_structure' ) && current_user_can( 'manage_options' ) && !( 'page' == get_option('show_on_front') && $id == get_option('page_on_front') ) ) {
 			$return .= '<span id="change-permalinks"><a href="options-permalink.php" class="button button-small" target="_blank">' . __('Change Permalinks') . "</a></span>\n";
-		if ( isset( $view_post ) )
+		}
-			$return .= "<span id='view-post-btn'><a href='$permalink' class='button button-small'>$view_post</a></span>\n";
+	} else {
+		if ( function_exists( 'mb_strlen' ) ) {
-		$return = apply_filters('get_sample_permalink_html', $return, $id, $new_title, $new_slug);
+			if ( mb_strlen( $post_name ) > 30 ) {
+				$post_name_abridged = mb_substr( $post_name, 0, 14 ) . '&hellip;' . mb_substr( $post_name, -14 );
-		return $return;
+			} else {
-	}
+				$post_name_abridged = $post_name;
+			}
-	if ( function_exists('mb_strlen') ) {
-		if ( mb_strlen($post_name) > 30 ) {
-			$post_name_abridged = mb_substr($post_name, 0, 14). '&hellip;' . mb_substr($post_name, -14);
 		} else {
-			$post_name_abridged = $post_name;
+			if ( strlen( $post_name ) > 30 ) {
-		}
+				$post_name_abridged = substr( $post_name, 0, 14 ) . '&hellip;' . substr( $post_name, -14 );
-	} else {
+			} else {
-		if ( strlen($post_name) > 30 ) {
+				$post_name_abridged = $post_name;
-			$post_name_abridged = substr($post_name, 0, 14). '&hellip;' . substr($post_name, -14);
+			}
+		}
+		$post_name_html = '<span id="editable-post-name" title="' . $title . '">' . $post_name_abridged . '</span>';
+		$display_link = str_replace( array( '%pagename%', '%postname%' ), $post_name_html, urldecode( $permalink ) );
+		$pretty_permalink = str_replace( array( '%pagename%', '%postname%' ), $post_name, urldecode( $permalink ) );
+		$return =  '<strong>' . __( 'Permalink:' ) . "</strong>\n";
+		$return .= '<span id="sample-permalink" tabindex="-1">' . $display_link . "</span>\n";
+		$return .= '&lrm;'; // Fix bi-directional text display defect in RTL languages.
+		$return .= '<span id="edit-slug-buttons"><a href="#post_name" class="edit-slug button button-small hide-if-no-js" onclick="editPermalink(' . $id . '); return false;">' . __( 'Edit' ) . "</a></span>\n";
+		$return .= '<span id="editable-post-name-full">' . $post_name . "</span>\n";
+	}
+	if ( isset( $view_post ) ) {
+		if( 'draft' == $post->post_status ) {
+			$preview_link = set_url_scheme( get_permalink( $post->ID ) );
+			/** This filter is documented in wp-admin/includes/meta-boxes.php */
+			$preview_link = apply_filters( 'preview_post_link', add_query_arg( 'preview', 'true', $preview_link ), $post );
+			$return .= "<span id='view-post-btn'><a href='" . esc_url( $preview_link ) . "' class='button button-small' target='wp-preview-{$post->ID}'>$view_post</a></span>\n";
 		} else {
-			$post_name_abridged = $post_name;
+			if ( empty( $pretty_permalink ) ) {
-		}
+				$pretty_permalink = $permalink;
-	}
+			}
-	$post_name_html = '<span id="editable-post-name" title="' . $title . '">' . $post_name_abridged . '</span>';
+			$return .= "<span id='view-post-btn'><a href='" . $pretty_permalink . "' class='button button-small'>$view_post</a></span>\n";
-	$display_link = str_replace(array('%pagename%','%postname%'), $post_name_html, $permalink);
+		}
-	$view_link = str_replace(array('%pagename%','%postname%'), $post_name, $permalink);
+	}
-	$return =  '<strong>' . __('Permalink:') . "</strong>\n";
-	$return .= '<span id="sample-permalink" tabindex="-1">' . $display_link . "</span>\n";
+	/**
-	$return .= '&lrm;'; // Fix bi-directional text display defect in RTL languages.
+	 * Filter the sample permalink HTML markup.
-	$return .= '<span id="edit-slug-buttons"><a href="#post_name" class="edit-slug button button-small hide-if-no-js" onclick="editPermalink(' . $id . '); return false;">' . __('Edit') . "</a></span>\n";
+	 *
-	$return .= '<span id="editable-post-name-full">' . $post_name . "</span>\n";
+	 * @since 2.9.0
-	if ( isset($view_post) )
+	 *
-		$return .= "<span id='view-post-btn'><a href='$view_link' class='button button-small'>$view_post</a></span>\n";
+	 * @param string      $return    Sample permalink HTML markup.
+	 * @param int|WP_Post $id        Post object or ID.
-	$return = apply_filters('get_sample_permalink_html', $return, $id, $new_title, $new_slug);
+	 * @param string      $new_title New sample permalink title.
+	 * @param string      $new_slug  New sample permalink slug.
+	 */
+	$return = apply_filters( 'get_sample_permalink_html', $return, $id, $new_title, $new_slug );
 	return $return;
 }
 /**
 			$content .= '<p class="hide-if-no-js"><a href="#" id="remove-post-thumbnail" onclick="WPRemoveThumbnail(\'' . $ajax_nonce . '\');return false;">' . esc_html__( 'Remove featured image' ) . '</a></p>';
 		}
 		$content_width = $old_content_width;
 	}
+	/**
+	 * Filter the admin post thumbnail HTML markup to return.
+	 *
+	 * @since 2.9.0
+	 *
+	 * @param string $content Admin post thumbnail HTML markup.
+	 * @param int    $post_id Post ID.
+	 */
 	return apply_filters( 'admin_post_thumbnail_html', $content, $post->ID );
 }
 /**
 * Check to see if the post is currently being edited by another user.
 *
 * @since 2.5.0
 *
 * @param int $post_id ID of the post to check for editing
-* @return bool|int False: not locked or locked by current user. Int: user ID of user with lock.
+* @return integer False: not locked or locked by current user. Int: user ID of user with lock.
 */
 function wp_check_post_lock( $post_id ) {
 	if ( !$post = get_post( $post_id ) )
 		return false;
 	$lock = explode( ':', $lock );
 	$time = $lock[0];
 	$user = isset( $lock[1] ) ? $lock[1] : get_post_meta( $post->ID, '_edit_last', true );
-	$time_window = apply_filters( 'wp_check_post_lock_window', 120 );
+	/** This filter is documented in wp-admin/includes/ajax-actions.php */
+	$time_window = apply_filters( 'wp_check_post_lock_window', 150 );
 	if ( $time && $time > time() - $time_window && $user != get_current_user_id() )
 		return $user;
 	return false;
 }
 	$user = null;
 	if (  $user_id = wp_check_post_lock( $post->ID ) )
 		$user = get_userdata( $user_id );
 	if ( $user ) {
+		/**
+		 * Filter whether to show the post locked dialog.
+		 *
+		 * Returning a falsey value to the filter will short-circuit displaying the dialog.
+		 *
+		 * @since 3.6.0
+		 *
+		 * @param bool         $display Whether to display the dialog. Default true.
+		 * @param WP_User|bool $user    WP_User object on success, false otherwise.
+		 */
 		if ( ! apply_filters( 'show_post_locked_dialog', true, $post, $user ) )
 			return;
 		$locked = true;
 	} else {
 			}
 		} else {
 			$preview_link = '';
 		}
-		$preview_link = apply_filters( 'preview_post_link', $preview_link );
+		/** This filter is documented in wp-admin/includes/meta-boxes.php */
+		$preview_link = apply_filters( 'preview_post_link', $preview_link, $post );
+		/**
+		 * Filter whether to allow the post lock to be overridden.
+		 *
+		 * Returning a falsey value to the filter will disable the ability
+		 * to override the post lock.
+		 *
+		 * @since 3.6.0
+		 *
+		 * @param bool    $override Whether to allow overriding post locks. Default true.
+		 * @param WP_Post $post     Post object.
+		 * @param WP_User $user     User object.
+		 */
 		$override = apply_filters( 'override_post_lock', true, $post, $user );
 		$tab_last = $override ? '' : ' wp-tab-last';
 		?>
 		<div class="post-locked-message">
 			_e( 'This content is currently locked.' );
 			if ( $override )
 				printf( ' ' . __( 'If you take over, %s will be blocked from continuing to edit.' ), esc_html( $user->display_name ) );
 		?>
 		</p>
-		<?php do_action( 'post_locked_dialog', $post ); ?>
+		<?php
+		/**
+		 * Fires inside the post locked dialog before the buttons are displayed.
+		 *
+		 * @since 3.6.0
+		 *
+		 * @param WP_Post $post Post object.
+		 */
+		do_action( 'post_locked_dialog', $post );
+		?>
 		<p>
 		<a class="button" href="<?php echo esc_url( $sendback ); ?>"><?php echo $sendback_text; ?></a>
 		<?php if ( $preview_link ) { ?>
 		<a class="button<?php echo $tab_last; ?>" href="<?php echo esc_url( $preview_link ); ?>"><?php _e('Preview'); ?></a>
 		<?php
 	} else {
 		?>
 		<div class="post-taken-over">
 			<div class="post-locked-avatar"></div>
 			<p class="wp-tab-first" tabindex="0">
-			<span class="currently-editing"></span><br>
+			<span class="currently-editing"></span><br />
-			<span class="locked-saving hidden"><img src="images/wpspin_light-2x.gif" width="16" height="16" /> <?php _e('Saving revision...'); ?></span>
+			<span class="locked-saving hidden"><img src="<?php echo esc_url( admin_url( 'images/spinner-2x.gif' ) ); ?>" width="16" height="16" /> <?php _e('Saving revision...'); ?></span>
 			<span class="locked-saved hidden"><?php _e('Your latest changes were saved as a revision.'); ?></span>
 			</p>
-			<?php do_action( 'post_lock_lost_dialog', $post ); ?>
+			<?php
+			/**
+			 * Fires inside the dialog displayed when a user has lost the post lock.
+			 *
+			 * @since 3.6.0
+			 *
+			 * @param WP_Post $post Post object.
+			 */
+			do_action( 'post_lock_lost_dialog', $post );
+			?>
 			<p><a class="button button-primary wp-tab-last" href="<?php echo esc_url( $sendback ); ?>"><?php echo $sendback_text; ?></a></p>
 		</div>
 		<?php
 	}
 *
 * @package WordPress
 * @subpackage Post_Revisions
 * @since 2.6.0
 *
-* @uses _wp_translate_postdata()
+* @param mixed $post_data Associative array containing the post data or int post ID.
-* @uses _wp_post_revision_fields()
+* @return mixed The autosave revision ID. WP_Error or 0 on error.
-*
+*/
-* @return unknown
+function wp_create_post_autosave( $post_data ) {
-*/
+	if ( is_numeric( $post_data ) ) {
-function wp_create_post_autosave( $post_id ) {
+		$post_id = $post_data;
-	$translated = _wp_translate_postdata( true );
+		$post_data = &$_POST;
-	if ( is_wp_error( $translated ) )
+	} else {
-		return $translated;
+		$post_id = (int) $post_data['post_ID'];
+	}
+	$post_data = _wp_translate_postdata( true, $post_data );
+	if ( is_wp_error( $post_data ) )
+		return $post_data;
 	$post_author = get_current_user_id();
 	// Store one autosave per author. If there is already an autosave, overwrite it.
 	if ( $old_autosave = wp_get_post_autosave( $post_id, $post_author ) ) {
-		$new_autosave = _wp_post_revision_fields( $_POST, true );
+		$new_autosave = _wp_post_revision_fields( $post_data, true );
 		$new_autosave['ID'] = $old_autosave->ID;
 		$new_autosave['post_author'] = $post_author;
-		// If the new autosave is the same content as the post, delete the old autosave.
+		// If the new autosave has the same content as the post, delete the autosave.
 		$post = get_post( $post_id );
 		$autosave_is_different = false;
-		foreach ( array_keys( _wp_post_revision_fields() ) as $field ) {
+		foreach ( array_intersect( array_keys( $new_autosave ), array_keys( _wp_post_revision_fields() ) ) as $field ) {
 			if ( normalize_whitespace( $new_autosave[ $field ] ) != normalize_whitespace( $post->$field ) ) {
 				$autosave_is_different = true;
 				break;
 			}
 		}
 		if ( ! $autosave_is_different ) {
 			wp_delete_post_revision( $old_autosave->ID );
-			return;
+			return 0;
 		}
+		/**
+		 * Fires before an autosave is stored.
+		 *
+		 * @since 4.1.0
+		 *
+		 * @param array $new_autosave Post array - the autosave that is about to be saved.
+		 */
+		do_action( 'wp_creating_autosave', $new_autosave );
 		return wp_update_post( $new_autosave );
 	}
 	// _wp_put_post_revision() expects unescaped.
-	$post_data = wp_unslash( $_POST );
+	$post_data = wp_unslash( $post_data );
 	// Otherwise create the new autosave as a special post revision
 	return _wp_put_post_revision( $post_data, true );
 }
 * Save draft or manually autosave for showing preview.
 *
 * @package WordPress
 * @since 2.7.0
 *
-* @uses get_post_status()
-* @uses edit_post()
-* @uses get_post()
-* @uses current_user_can()
-* @uses wp_die()
-* @uses wp_create_post_autosave()
-* @uses add_query_arg()
-* @uses wp_create_nonce()
-*
 * @return str URL to redirect to show the preview
 */
 function post_preview() {
 	$post_ID = (int) $_POST['post_ID'];
-	$status = get_post_status( $post_ID );
-	if ( 'auto-draft' == $status )
-		wp_die( __('Preview not available. Please save as a draft first.') );
-	if ( isset($_POST['catslist']) )
-		$_POST['post_category'] = explode(",", $_POST['catslist']);
-	if ( isset($_POST['tags_input']) )
-		$_POST['tags_input'] = explode(",", $_POST['tags_input']);
-	if ( $_POST['post_type'] == 'page' || empty($_POST['post_category']) )
-		unset($_POST['post_category']);
 	$_POST['ID'] = $post_ID;
-	$post = get_post($post_ID);
+	if ( ! $post = get_post( $post_ID ) ) {
-	if ( 'page' == $post->post_type ) {
+		wp_die( __( 'You are not allowed to edit this post.' ) );
-		if ( ! current_user_can('edit_page', $post_ID) )
+	}
-			wp_die( __('You are not allowed to edit this page.') );
+	if ( ! current_user_can( 'edit_post', $post->ID ) ) {
+		wp_die( __( 'You are not allowed to edit this post.' ) );
+	}
+	$is_autosave = false;
+	if ( ! wp_check_post_lock( $post->ID ) && get_current_user_id() == $post->post_author && ( 'draft' == $post->post_status || 'auto-draft' == $post->post_status ) ) {
+		$saved_post_id = edit_post();
 	} else {
-		if ( ! current_user_can('edit_post', $post_ID) )
+		$is_autosave = true;
-			wp_die( __('You are not allowed to edit this post.') );
-	}
+		if ( isset( $_POST['post_status'] ) && 'auto-draft' == $_POST['post_status'] )
+			$_POST['post_status'] = 'draft';
-	$user_id = get_current_user_id();
-	$locked = wp_check_post_lock( $post->ID );
+		$saved_post_id = wp_create_post_autosave( $post->ID );
-	if ( ! $locked && 'draft' == $post->post_status && $user_id == $post->post_author ) {
+	}
-		$id = edit_post();
-	} else { // Non drafts are not overwritten. The autosave is stored in a special post revision.
+	if ( is_wp_error( $saved_post_id ) )
-		$id = wp_create_post_autosave( $post->ID );
+		wp_die( $saved_post_id->get_error_message() );
-		if ( ! is_wp_error($id) )
-			$id = $post->ID;
+	$query_args = array( 'preview' => 'true' );
-	}
+	if ( $is_autosave && $saved_post_id ) {
-	if ( is_wp_error($id) )
+		$query_args['preview_id'] = $post->ID;
-		wp_die( $id->get_error_message() );
+		$query_args['preview_nonce'] = wp_create_nonce( 'post_preview_' . $post->ID );
-	if ( ! $locked && $_POST['post_status'] == 'draft' && $user_id == $post->post_author ) {
+		if ( isset( $_POST['post_format'] ) )
-		$url = add_query_arg( 'preview', 'true', get_permalink($id) );
+			$query_args['post_format'] = empty( $_POST['post_format'] ) ? 'standard' : sanitize_key( $_POST['post_format'] );
+	}
+	$url = add_query_arg( $query_args, get_permalink( $post->ID ) );
+	/** This filter is documented in wp-admin/includes/meta-boxes.php */
+	return apply_filters( 'preview_post_link', $url, $post );
+}
+/**
+* Save a post submitted with XHR
+*
+* Intended for use with heartbeat and autosave.js
+*
+* @since 3.9.0
+*
+* @param array $post_data Associative array of the submitted post data.
+* @return mixed The value 0 or WP_Error on failure. The saved post ID on success.
+*               Te ID can be the draft post_id or the autosave revision post_id.
+*/
+function wp_autosave( $post_data ) {
+	// Back-compat
+	if ( ! defined( 'DOING_AUTOSAVE' ) )
+		define( 'DOING_AUTOSAVE', true );
+	$post_id = (int) $post_data['post_id'];
+	$post_data['ID'] = $post_data['post_ID'] = $post_id;
+	if ( false === wp_verify_nonce( $post_data['_wpnonce'], 'update-post_' . $post_id ) ) {
+		return new WP_Error( 'invalid_nonce', __( 'Error while saving.' ) );
+	}
+	$post = get_post( $post_id );
+	if ( ! current_user_can( 'edit_post', $post->ID ) ) {
+		return new WP_Error( 'edit_posts', __( 'You are not allowed to edit this item.' ) );
+	}
+	if ( 'auto-draft' == $post->post_status )
+		$post_data['post_status'] = 'draft';
+	if ( $post_data['post_type'] != 'page' && ! empty( $post_data['catslist'] ) )
+		$post_data['post_category'] = explode( ',', $post_data['catslist'] );
+	if ( ! wp_check_post_lock( $post->ID ) && get_current_user_id() == $post->post_author && ( 'auto-draft' == $post->post_status || 'draft' == $post->post_status ) ) {
+		// Drafts and auto-drafts are just overwritten by autosave for the same user if the post is not locked
+		return edit_post( wp_slash( $post_data ) );
 	} else {
-		$nonce = wp_create_nonce('post_preview_' . $id);
+		// Non drafts or other users drafts are not overwritten. The autosave is stored in a special post revision for each user.
-		$args = array(
+		return wp_create_post_autosave( wp_slash( $post_data ) );
-			'preview' => 'true',
+	}
-			'preview_id' => $id,
+}
-			'preview_nonce' => $nonce,
-		);
-		if ( isset( $_POST['post_format'] ) )
-			$args['post_format'] = empty( $_POST['post_format'] ) ? 'standard' : sanitize_key( $_POST['post_format'] );
-		$url = add_query_arg( $args, get_permalink($id) );
-	}
-	return apply_filters( 'preview_post_link', $url );
-}

changeset 5	5e2f62d02dcd
parent 0	d970ebf37754
child 7	cf61fcea0001