diff -r 2f6f6f7551ca -r 32102edaa81b web/wp-admin/press-this.php --- a/web/wp-admin/press-this.php Thu Sep 16 15:45:36 2010 +0000 +++ b/web/wp-admin/press-this.php Mon Nov 19 18:26:13 2012 +0100 @@ -6,31 +6,17 @@ * @subpackage Press_This */ +define('IFRAME_REQUEST' , true); + /** WordPress Administration Bootstrap */ -require_once('admin.php'); +require_once('./admin.php'); + header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset')); if ( ! current_user_can('edit_posts') ) wp_die( __( 'Cheatin’ uh?' ) ); /** - * Convert characters. - * - * @package WordPress - * @subpackage Press_This - * @since 2.6.0 - * - * @param string $text - * @return string - */ -function aposfix($text) { - $translation_table[chr(34)] = '"'; - $translation_table[chr(38)] = '&'; - $translation_table[chr(39)] = '''; - return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&" , strtr($text, $translation_table)); -} - -/** * Press It form handler. * * @package WordPress @@ -40,22 +26,21 @@ * @return int Post ID */ function press_it() { - // define some basic variables - $quick['post_status'] = 'draft'; // set as draft first - $quick['post_category'] = isset($_POST['post_category']) ? $_POST['post_category'] : null; - $quick['tax_input'] = isset($_POST['tax_input']) ? $_POST['tax_input'] : null; - $quick['post_title'] = ( trim($_POST['title']) != '' ) ? $_POST['title'] : ' '; - $quick['post_content'] = isset($_POST['post_content']) ? $_POST['post_content'] : ''; + + $post = get_default_post_to_edit(); + $post = get_object_vars($post); + $post_ID = $post['ID'] = (int) $_POST['post_id']; - // insert the post with nothing in it, to get an ID - $post_ID = wp_insert_post($quick, true); - if ( is_wp_error($post_ID) ) - wp_die($post_ID); + if ( !current_user_can('edit_post', $post_ID) ) + wp_die(__('You are not allowed to edit this post.')); + $post['post_category'] = isset($_POST['post_category']) ? $_POST['post_category'] : ''; + $post['tax_input'] = isset($_POST['tax_input']) ? $_POST['tax_input'] : ''; + $post['post_title'] = isset($_POST['title']) ? $_POST['title'] : ''; $content = isset($_POST['content']) ? $_POST['content'] : ''; $upload = false; - if( !empty($_POST['photo_src']) && current_user_can('upload_files') ) { + if ( !empty($_POST['photo_src']) && current_user_can('upload_files') ) { foreach( (array) $_POST['photo_src'] as $key => $image) { // see if files exist in content - we don't want to upload non-used selected files. if ( strpos($_POST['content'], htmlspecialchars($image)) !== false ) { @@ -63,40 +48,60 @@ $upload = media_sideload_image($image, $post_ID, $desc); // Replace the POSTED content with correct uploaded ones. Regex contains fix for Magic Quotes - if( !is_wp_error($upload) ) + if ( !is_wp_error($upload) ) $content = preg_replace('/]*)src=\\\?(\"|\')'.preg_quote(htmlspecialchars($image), '/').'\\\?(\2)([^>\/]*)\/*>/is', $upload, $content); } } } // set the post_content and status - $quick['post_status'] = isset($_POST['publish']) ? 'publish' : 'draft'; - $quick['post_content'] = $content; + $post['post_content'] = $content; + if ( isset( $_POST['publish'] ) && current_user_can( 'publish_posts' ) ) + $post['post_status'] = 'publish'; + elseif ( isset( $_POST['review'] ) ) + $post['post_status'] = 'pending'; + else + $post['post_status'] = 'draft'; + // error handling for media_sideload if ( is_wp_error($upload) ) { wp_delete_post($post_ID); wp_die($upload); } else { - $quick['ID'] = $post_ID; - wp_update_post($quick); + // Post formats + if ( isset( $_POST['post_format'] ) ) { + if ( current_theme_supports( 'post-formats', $_POST['post_format'] ) ) + set_post_format( $post_ID, $_POST['post_format'] ); + elseif ( '0' == $_POST['post_format'] ) + set_post_format( $post_ID, false ); + } + + $post_ID = wp_update_post($post); } + return $post_ID; } // For submitted posts. if ( isset($_REQUEST['action']) && 'post' == $_REQUEST['action'] ) { check_admin_referer('press-this'); - $post_ID = press_it(); - $posted = $post_ID; + $posted = $post_ID = press_it(); } else { - $post_ID = 0; + $post = get_default_post_to_edit('post', true); + $post_ID = $post->ID; } // Set Variables -$title = isset( $_GET['t'] ) ? trim( strip_tags( aposfix( stripslashes( $_GET['t'] ) ) ) ) : ''; -$selection = isset( $_GET['s'] ) ? trim( htmlspecialchars( html_entity_decode( aposfix( stripslashes( $_GET['s'] ) ) ) ) ) : ''; +$title = isset( $_GET['t'] ) ? trim( strip_tags( html_entity_decode( stripslashes( $_GET['t'] ) , ENT_QUOTES) ) ) : ''; + +$selection = ''; +if ( !empty($_GET['s']) ) { + $selection = str_replace(''', "'", stripslashes($_GET['s'])); + $selection = trim( htmlspecialchars( html_entity_decode($selection, ENT_QUOTES) ) ); +} + if ( ! empty($selection) ) { $selection = preg_replace('/(\r?\n|\r)/', '

', $selection); - $selection = '

'.str_replace('

', '', $selection).'

'; + $selection = '

' . str_replace('

', '', $selection) . '

'; } $url = isset($_GET['u']) ? esc_url($_GET['u']) : ''; @@ -121,7 +126,7 @@

- +

@@ -134,19 +139,19 @@ tb_remove(); }); jQuery('.select').click(function() { - image_selector(); + image_selector(this); }); /* ]]> */ -

- +

- + @@ -154,34 +159,6 @@

- -

- ", + type: "GET", + url: "", cache : false, async : false, - data: "ajax=photo_images&u=", + data: "ajax=photo_images&u=", dataType : "script" }).responseText ); if(my_src.length == 0) { var my_src = eval( jQuery.ajax({ - type: "GET", - url: "", + type: "GET", + url: "", cache : false, async : false, - data: "ajax=photo_images&u=", + data: "ajax=photo_images&u=", dataType : "script" }).responseText ); @@ -293,42 +270,41 @@ return false; } - function image_selector() { + function image_selector(el) { + var desc, src, parent = jQuery(el).closest('#photo-add-url-div'); + + if ( parent.length ) { + desc = parent.find('input.tb_this_photo_description').val() || ''; + src = parent.find('input.tb_this_photo').val() || '' + } else { + desc = jQuery('#tb_this_photo_description').val() || ''; + src = jQuery('#tb_this_photo').val() || '' + } + tb_remove(); - desc = jQuery('#this_photo_description').val(); - src = jQuery('#this_photo').val(); pick(src, desc); jQuery('#extra-fields').hide(); jQuery('#extra-fields').html(''); return false; } - jQuery('#extra-fields').html('

Add Photos ()

'); - jQuery('#img_container').html(strtoappend); + + jQuery('#extra-fields').html('

()

'); + jQuery('#img_container').html(strtoappend); - - > - - - <?php _e('Press This') ?> - - +<?php _e('Press This') ?> @@ -337,18 +313,20 @@ do_action('admin_print_styles'); do_action('admin_print_scripts'); do_action('admin_head'); - - if ( user_can_richedit() ) - wp_tiny_mce( true, array( 'height' => '370' ) ); ?> - -

+ +

›

- +

-
-

+ 'save' ) ); + if ( current_user_can('publish_posts') ) { + submit_button( __( 'Publish' ), 'primary', 'publish', false ); + } else { + echo '

'; + submit_button( __( 'Submit for Review' ), 'primary', 'review', false ); + } ?> + +

- - - - -

- - + +

-
-

+ +

labels->all_items; ?>

+ + +

- + 'category', 'popular_cats' => $popular_ids ) ) ?>

- -

- - : 0, 'name' => 'newcat_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => __('Parent category'), 'tab_index' => 3 ) ); ?> - - - -

+ cap->assign_terms) ) : ?> +

+ + cap->edit_terms) ) : ?> +

+ + labels->add_new_item ); ?> + +

+ labels->add_new_item; ?> + + + labels->parent_item_colon; ?> + + 'category', 'hide_empty' => 0, 'name' => 'newcategory_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => '— ' . $tax->labels->parent_item . ' —', 'tab_index' => 3 ) ); ?> + + + +

+ +

-
-

- +

- -

| |

+ +

+ + + +

+ + +

+ + | + |

@@ -551,47 +586,69 @@

+ +

'; + + if ( $selection ) + $content .= __('via '); + + $content .= sprintf( "%s.

- Add: - - -
- -
- - - - -
-

- -

+ remove_action( 'media_buttons', 'media_buttons' ); + add_action( 'media_buttons', 'press_this_media_buttons' ); + function press_this_media_buttons() { + _e( 'Add:' ); + + if ( current_user_can('upload_files') ) { + ?> + +

+ +

- + +