authordonncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>2005-07-12 12:11:53 +0000
committerdonncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>2005-07-12 12:11:53 +0000
commit0a08b806615f3bdd5ca1546c4ab0e25dc3d201f1 (patch)
tree1828319a3864c1c8d2eba7a1f9c1acc4178bf578
parentb92dadf3d9489d20f7eca449a370229780b61a3c (diff)
Lots of merges from WP Core.
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@5 7be80a69-a1ef-0310-a953-fb0f7c49ff36
-rw-r--r--wp-inst/wp-admin/templates.php251
-rw-r--r--wp-inst/wp-admin/upgrade-functions.php28
-rw-r--r--wp-inst/wp-admin/upgrade-schema.php80
-rw-r--r--wp-inst/wp-comments-post.php7
4 files changed, 215 insertions, 151 deletions
diff --git a/wp-inst/wp-admin/templates.php b/wp-inst/wp-admin/templates.php
index f32209c..ce8f549 100644
--- a/wp-inst/wp-admin/templates.php
+++ b/wp-inst/wp-admin/templates.php
@@ -1,48 +1,38 @@
<?php
-
-/* $Id: templates.php,v 1.8 2005/03/12 20:18:49 donncha Exp $ */
-
require_once('admin.php');
-$title = __("Template &amp; file editing");
-$parent_file = 'edit.php';
-
-
-if( isset( $_POST[ 'file' ] ) )
- $file = $_POST[ 'file' ];
-
-if( isset( $_GET[ 'file' ] ) )
- $file = $_GET[ 'file' ];
-
-if ($file=="")
-{
- $file = "index.html";
+$title = __('Template &amp; File Editing');
+$parent_file = 'edit.php';
+
+$wpvarstoreset = array('action','redirect','profile','error','warning','a','file');
+for ($i=0; $i<count($wpvarstoreset); $i += 1) {
+ $wpvar = $wpvarstoreset[$i];
+ if (!isset($$wpvar)) {
+ if (empty($_POST["$wpvar"])) {
+ if (empty($_GET["$wpvar"])) {
+ $$wpvar = '';
+ } else {
+ $$wpvar = $_GET["$wpvar"];
+ }
+ } else {
+ $$wpvar = $_POST["$wpvar"];
+ }
+ }
}
-$file = str_replace( '..', '', $file );
-
-if (substr($file,0,1) == "/")
- $file = ".".$file;
+$recents = get_option('recently_edited');
-$file = stripslashes($file);
-if (':' == substr($file,1,1))
- die ('Sorry, can&#8217;t call files with their real path.');
-
-if( $wpblog != '' )
-{
- $templateDir = "../wp-content/blogs/".$wpblog."/templates/";
- $filename = $templateDir . "$file";
-}
-else
-{
- $templateDir = "../templates/";
- $filename = "templates/$file";
-}
-if( $backup != '' && $backup >= 0 && $backup <= 5 && is_file( $filename . "." . $backup ) )
-{
- $filename .= "." . $backup;
+if (empty($file)) {
+ if ($recents) {
+ $file = $recents[0];
+ } else {
+ $file = 'index.php';
+ }
}
-switch($_POST[ 'action' ]) {
+$file = validate_file_to_edit($file);
+$real_file = get_real_file_to_edit($file);
+
+switch($action) {
case 'update':
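Review bot: Path confinement for the request-supplied `$file` now rests entirely on `validate_file_to_edit()` and `get_real_file_to_edit()`, neither of which is defined in this diff. The inline checks removed here stripped `..`, rejected a leading `/` and drive-letter paths, and built the name under `../wp-content/blogs/$wpblog/templates/`, so each blog was limited to its own template directory. Before merging, confirm that the helpers still resolve `$file` inside the current blog's directory on a multi-blog install, and record the contract above the two calls, e.g. `// $file is request-controlled: must stay inside this blog's template dir; '..' and absolute paths are rejected by validate_file_to_edit()`. The `switch($action)` body continues outside this hunk.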
@@ -51,33 +41,14 @@ case 'update':
}
$newcontent = stripslashes($_POST['newcontent']);
- $f = fopen( $filename, "r" );
- $content = fread( $f, filesize( $filename ) );
- fclose( $f );
- if( $content != $newcontent )
- {
- for( $t = 4; $t >= 1; $t -- )
- {
- if( is_file( $filename . "." . $t ) )
- {
- rename( $filename . "." . $t, $filename . "." . ( $t + 1 ) );
- }
- }
- rename( $filename, $filename . ".1" );
-
- $f = fopen( $filename, "w+" );
- fwrite($f,$newcontent);
- fclose($f);
-
- $wpsmarty->cache_dir = "../" . $wpsmarty->cache_dir;
- $wpsmarty->clear_all_cache();
-
- header( "Location: templates.php?file=$file&a=te" );
- }
- else
- {
- header( "Location: templates.php?file=$file" );
- }
+ if (is_writeable($real_file)) {
+ $f = fopen($real_file, 'w+');
+ fwrite($f, $newcontent);
+ fclose($f);
+ header("Location: templates.php?file=$file&a=te");
+ } else {
+ header("Location: templates.php?file=$file");
+ }
exit();
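Review bot: The write to `$real_file` in the `update` branch is not covered by the `wp-config.php` guard, which this commit adds only in the `default` (view) branch further down. Unless `validate_file_to_edit()` (not shown) rejects that name, the guard stops the file being displayed but not being overwritten; moving the `if ( strstr( $file, 'wp-config.php' ) ) die(...)` check above `switch($action)` covers both paths. `$file` also goes into the `Location` header raw, so it should be encoded: `header('Location: templates.php?file=' . urlencode($file) . '&a=te');`. The result of `fopen()` is used without a check, and with the backup rotation removed an overwrite can no longer be undone from this page. The `case 'update':` body starts above this hunk, so any permission check there is not visible.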
@@ -85,103 +56,99 @@ break;
default:
- require_once('admin-header.php');
+ require_once('./admin-header.php');
+ if ( $user_level <= 5 )
+ die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
+
+ if ( strstr( $file, 'wp-config.php' ) )
+ die( __('<p>The config file cannot be edited or viewed through the web interface. Sorry!</p>') );
- if ($user_level <= 3) {
- die('<p>You have no right to edit the template for this blog.<br>Ask for a promotion to your <a href="mailto:$admin_email">blog admin</a>. :)</p>');
- }
+ update_recently_edited($file);
- if (!is_file($filename))
+ if (!is_file($real_file))
$error = 1;
-
+
if (!$error) {
- $f = fopen($filename, 'r');
- $content = fread($f, filesize($filename));
+ $f = fopen($real_file, 'r');
+ $content = fread($f, filesize($real_file));
$content = htmlspecialchars($content);
}
?>
+<?php if (isset($_GET['a'])) : ?>
+ <div class="updated"><p><?php _e('File edited successfully.') ?></p></div>
+<?php endif; ?>
<div class="wrap">
- <?php
- echo "<h2>Editing <strong>$file</strong></h2>";
- if( $backup != '' )
- echo ", backup <strong>$backup</strong>";
- echo " $warning";
- if ('te' == $a)
- echo "<em>File edited successfully.</em>";
-
- if (!$error) {
- ?>
- <form name="template" action="templates.php" method="post">
- <textarea cols="80" rows="20" style="width:100%; font-family: 'Courier New', Courier, monopace; font-size:small;" name="newcontent" tabindex="1"><?php echo $content ?></textarea>
+<?php
+if (is_writeable($real_file)) {
+ echo '<h2>' . sprintf(__('Editing <strong>%s</strong>'), wp_specialchars($file) ) . '</h2>';
+} else {
+ echo '<h2>' . sprintf(__('Browsing <strong>%s</strong>'), wp_specialchars($file) ) . '</h2>';
+}
+?>
+<div id="templateside">
+<?php
+if ( $recents ) :
+?>
+<h3><?php _e('Recent'); ?></h3>
+<?php
+echo '<ol>';
+foreach ($recents as $recent) :
+ echo "<li><a href='templates.php?file=$recent'>" . get_file_description(basename($recent)) . "</a></li>";
+endforeach;
+echo '</ol>';
+endif;
+?>
+<h3><?php _e('Common'); ?></h3>
+ <?php $common_files = array('index.php', '.htaccess', 'my-hacks.php');
+ $old_files = array('wp-layout.css', 'wp-comments.php', 'wp-comments-popup.php');
+ foreach ($old_files as $old_file) {
+ if (file_exists(ABSPATH . $old_file))
+ $common_files[] = $old_file;
+ } ?>
+ <ul>
+ <?php foreach ($common_files as $common_file) : ?>
+ <li><a href="templates.php?file=<?php echo $common_file?>"><?php echo get_file_description($common_file); ?></a></li>
+ <?php endforeach; ?>
+ </ul>
+</div>
+<?php if (!$error) { ?>
+ <form name="template" id="template" action="templates.php" method="post">
+ <div><textarea cols="70" rows="25" name="newcontent" id='newcontent' tabindex="1"><?php echo $content ?></textarea>
<input type="hidden" name="action" value="update" />
<input type="hidden" name="file" value="<?php echo $file ?>" />
- <br />
- <?php
- if (is_writeable($filename)) {
- echo "<input type=\"submit\" name=\"submit\" class=\"search\" value=\"update template !\" tabindex=\"2\" />";
- } else {
- echo "<input type=\"button\" name=\"oops\" class=\"search\" value=\"(you cannot update that file/template: must make it writable, e.g. CHMOD 666)\" tabindex=\"2\" />";
- }
- ?>
+</div>
+<?php if ( is_writeable($real_file) ) : ?>
+ <p class="submit">
+<?php
+ echo "<input type='submit' name='submit' value=' " . __('Update File') . " &raquo;' tabindex='2' />";
+?>
+</p>
+<?php else : ?>
+<p><em><?php _e('If this file was writable you could edit it.'); ?></em></p>
+<?php endif; ?>
</form>
<?php
} else {
- echo '<p>Oops, no such file exists! Double check the name and try again, merci.</p>';
+ echo '<div class="error"><p>' . __('Oops, no such file exists! Double check the name and try again, merci.') . '</p></div>';
}
- ?>
-</div>
-<div class="wrap">
- <p>To edit a file, type its name here:</p>
+ ?>
+</div>
+<div class="wrap">
+<h2><?php _e('Other Files') ?></h2>
+
+ <p><?php _e('To edit a file, type its name here. You can edit any file <a href="http://codex.wordpress.org/Changing_File_Permissions" title="Read more about making files writable">writable by the server</a>, e.g. CHMOD 666.') ?></p>
<form name="file" action="templates.php" method="get">
<input type="text" name="file" />
- <input type="submit" name="submit" class="search" value="go" />
+ <input type="submit" name="submit" value="<?php _e('Edit file &raquo;') ?>" />
</form>
- <p>Note: of course, you can also edit the files/templates in your text editor of choice and upload them. This online editor is only meant to be used when you don't have access to a text editor or FTP client.</p>
- <b>You can also edit the following files.</b><br />
- <br />
- <?php
- $templates = array (
- "Main Page" => "index.html",
- "Site Style Sheet" => "wp-layout.css",
- "Posts" => "post.html",
- "Comments" => "comments.html",
- "Old Template" => "index.tpl",
- "Old Style Sheet" => "site.css"
- );
- print "<table>";
- print "<tr><th>File</th><th colspan='5'>Backups</th><th>Notes</th></tr>";
- $notes = false;
- reset( $templates );
- foreach( $templates as $templateName => $templateFilename )
- {
- print "<tr><td><a href='templates.php?file=$templateFilename'><nobr>$templateName</nobr></a></td>";
- for( $t = 1; $t <= 5 ; $t ++ )
- {
- if( is_file( $templateDir . $templateFilename . "." . $t ) )
- {
- print "<td><a href='templates.php?file=".$templateFilename."&backup=".$t."'>".$t."</a></td>";
- }
- else
- {
- print "<td>" . $t . "</td>";
- }
- }
- if( $notes == false )
- {
- print "<td rowspan=10 valign='top' style='padding:10px'>";
- $notes = true;
- print "When you edit a file a backup is made of the old file.<br> Up to 5 backups are made before the oldest is lost. It's a FIFO queue so the newest backup is always <em>1</em> and the oldest being <em>5</em>. <br />
- If the backup of a particular file exists it will be hyperlinked and clicking on that link will allow you to edit that file. Updating that backup template will restore the backup when saved and overwrite the template.<br />
- (*) You probably don't want to edit the XML files unless you're absolutely sure you know what you're doing!<br />";
- print "</td>";
- }
- print "</tr>\n";
- }
- print "</table> </div> ";
+
+ <p><?php _e('Note: of course, you can also edit the files/templates in your text editor of choice and upload them. This online editor is only meant to be used when you don&#8217;t have access to a text editor or FTP client.') ?></p>
+</div>
+<?php
break;
}
include("admin-footer.php");
-?>
+?>
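Review bot: `$recent` is written into `href='templates.php?file=$recent'` and `$file` into the hidden input's `value` without escaping, although the heading a few lines earlier passes the same value through `wp_specialchars()`. Both values trace back to the request (the recent list appears to be fed by `update_recently_edited($file)`), so the link should use `urlencode($recent)` and the attribute `htmlspecialchars($file, ENT_QUOTES)`. `update_recently_edited($file)` also runs before the `is_file()` check, so names that do not exist get stored; calling it only when `!$error` avoids that. The read path opens `$real_file` and never calls `fclose($f)`.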
diff --git a/wp-inst/wp-admin/upgrade-functions.php b/wp-inst/wp-admin/upgrade-functions.php
index cc39422..e6ee8c8 100644
--- a/wp-inst/wp-admin/upgrade-functions.php
+++ b/wp-inst/wp-admin/upgrade-functions.php
@@ -226,8 +226,11 @@ function upgrade_160() {
update_usermeta( $user->ID, 'last_name', $wpdb->escape($user->user_lastname) );
if ( !empty( $user->user_nickname ) )
update_usermeta( $user->ID, 'nickname', $wpdb->escape($user->user_nickname) );
- if ( !empty( $user->user_level ) )
+ if ( !empty( $user->user_level ) ) {
update_usermeta( $user->ID, $table_prefix . 'user_level', $user->user_level );
+ $role = translate_level_to_role($user->user_level);
+ update_usermeta( $user->ID, $table_prefix . 'capabilities', array($role => true) );
+ }
if ( !empty( $user->user_icq ) )
update_usermeta( $user->ID, 'icq', $wpdb->escape($user->user_icq) );
if ( !empty( $user->user_aim ) )
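Review bot: Because the new lines sit inside `if ( !empty( $user->user_level ) )`, a user whose level is 0 gets no `capabilities` entry at all, and the `case 0:` branch of `translate_level_to_role()` is never reached from this caller. If every upgraded user is meant to end up with a role, write the capabilities row outside the `!empty()` guard, e.g. `update_usermeta( $user->ID, $table_prefix . 'capabilities', array( translate_level_to_role( (int) $user->user_level ) => true ) );`. upgrade_160() starts and ends outside this hunk, so a later fallback for such users would not be visible here.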
@@ -750,4 +753,27 @@ function make_site_theme() {
}
return $template;
}
+
+function translate_level_to_role($level) {
+ switch ($level) {
+ case 10:
+ case 9:
+ case 8:
+ return 'publisher';
+ case 7:
+ case 6:
+ case 5:
+ return 'managing_editor';
+ case 4:
+ case 3:
+ return 'copy_editor';
+ case 2:
+ return 'staff_writer';
+ case 1:
+ return 'freelancer';
+ case 0:
+ return 'visitor';
+ }
+}
+
?>
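Review bot: The role names returned here (`publisher`, `managing_editor`, `copy_editor`, `staff_writer`, `freelancer`, `visitor`) match none of the keys that `populate_roles()` registers in upgrade-schema.php in this same commit (`administrator`, `editor`, `author`, `contributor`, `subscriber`, `inactive`). If capabilities are resolved by role key, which this diff does not show, upgraded users would be stored with a role that has no definition, so the two lists need to agree. The switch also has no `default`, so a level outside 0–10 returns null and `array($role => true)` in upgrade_160() is keyed by an empty string; add a fallback such as `default: return 'inactive';` (or whichever lowest-privilege role is intended). A short docblock stating the level-to-role mapping would make later drift easier to spot.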
diff --git a/wp-inst/wp-admin/upgrade-schema.php b/wp-inst/wp-admin/upgrade-schema.php
index 261a350..2c3fa61 100644
--- a/wp-inst/wp-admin/upgrade-schema.php
+++ b/wp-inst/wp-admin/upgrade-schema.php
@@ -7,6 +7,7 @@ $wp_queries="CREATE TABLE $wpdb->categories (
category_nicename varchar(200) NOT NULL default '',
category_description longtext NOT NULL,
category_parent bigint(20) NOT NULL default '0',
+ category_count bigint(20) NOT NULL default '0',
PRIMARY KEY (cat_ID),
KEY category_nicename (category_nicename)
);
@@ -129,7 +130,6 @@ CREATE TABLE $wpdb->users (
user_email varchar(100) NOT NULL default '',
user_url varchar(100) NOT NULL default '',
user_registered datetime NOT NULL default '0000-00-00 00:00:00',
- user_level int(2) unsigned NOT NULL default '0',
user_activation_key varchar(60) NOT NULL default '',
user_status int(11) NOT NULL default '0',
display_name varchar(250) NOT NULL default '',
@@ -279,6 +279,8 @@ function populate_options() {
// 1.5.1
add_option('use_trackback', 0);
+ populate_roles();
+
// Delete unused options
$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl', 'weblogs_xml_url');
foreach ($unusedoptions as $option) :
@@ -292,4 +294,80 @@ function populate_options() {
endforeach;
}
+function populate_roles() {
+ global $table_prefix;
+
+ $roles = array ('administrator' =>
+ array('name' => __('Administrator'),
+ 'capabilities' => array(
+ 'edit_posts' => true,
+ 'edit_others_posts' => true,
+ 'edit_published_posts' => true,
+ 'publish_posts' => true,
+ 'edit_pages' => true,
+ 'manage_categories' => true,
+ 'manage_links' => true,
+ 'upload_images' => true,
+ 'manage_options' => true,
+ 'switch_themes' => true,
+ 'edit_themes' => true,
+ 'activate_plugins' => true,
+ 'edit_plugins' => true,
+ 'edit_users' => true,
+ 'edit_files' => true,
+ 'read' => true,
+ 'level_10' => true,
+ 'level_9' => true,
+ 'level_8' => true
+ )),
+
+ 'editor' =>
+ array('name' => __('Editor'),
+ 'capabilities' => array(
+ 'edit_posts' => true,
+ 'edit_others_posts' => true,
+ 'edit_published_posts' => true,
+ 'publish_posts' => true,
+ 'edit_pages' => true,
+ 'manage_categories' => true,
+ 'manage_links' => true,
+ 'upload_images' => true,
+ 'read' => true,
+ 'level_7' => true,
+ 'level_6' => true,
+ 'level_5' => true
+ )),
+
+ 'author' =>
+ array('name' => __('Author'),
+ 'capabilities' => array(
+ 'edit_posts' => true,
+ 'publish_posts' => true,
+ 'upload_images' => true,
+ 'read' => true,
+ 'level_2' => true
+ )),
+
+ 'contributor' =>
+ array('name' => __('Contributor'),
+ 'capabilities' => array(
+ 'edit_posts' => true,
+ 'read' => true,
+ 'level_1' => true
+ )),
+
+ 'subscriber' =>
+ array('name' => __('Subscriber'),
+ 'capabilities' => array(
+ 'read' => true,
+ 'level_0' => true
+ )),
+
+ 'inactive' =>
+ array('name' => __('Inactive'),
+ 'capabilities' => array())
+ );
+
+ add_option($table_prefix . 'user_roles', $roles);
+}
?>
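Review bot: No role in this table carries `level_3` or `level_4`: `author` has only `level_2` and `editor` starts at `level_5`, while `translate_level_to_role()` in upgrade-functions.php gives levels 3 and 4 a role of their own. If code tests `level_N` capabilities individually instead of cumulatively (not visible here), `administrator` likewise lacks `level_0` through `level_7`. A comment above `$roles` stating whether levels are cumulative would settle it. `edit_files` is defined here, but templates.php in this commit still gates the file editor on `$user_level <= 5`, so that capability is not yet what protects the page.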
diff --git a/wp-inst/wp-comments-post.php b/wp-inst/wp-comments-post.php
index ae81a4a..f354c58 100644
--- a/wp-inst/wp-comments-post.php
+++ b/wp-inst/wp-comments-post.php
@@ -1,11 +1,4 @@
<?php
-/*
-// This is a common User Agent used by comment spammers.
-if( $_SERVER["HTTP_USER_AGENT"] == "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90)" || $_SERVER["HTTP_USER_AGENT"] == 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)' || $_SERVER["HTTP_USER_AGENT"] == 'Mozilla/3.0 (compatible; Indy Library)' )
-{
- die();
-}
-*/
require( dirname(__FILE__) . '/wp-config.php' );
$comment_post_ID = (int) $_POST['comment_post_ID'];