diff options
author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-05-21 18:37:58 +0000 |
---|---|---|
committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-05-21 18:37:58 +0000 |
commit | 89fe0ff804e7c6497ebacc8b341ac89974f6f255 (patch) | |
tree | 3fce310b29c685008fdbb75c5ab531bc3a6ae12a /wp-admin/admin-functions.php | |
parent | a139071806ba941346a109fbefb2d5f22bae1cc4 (diff) | |
download | wordpress-mu-89fe0ff804e7c6497ebacc8b341ac89974f6f255.tar.gz wordpress-mu-89fe0ff804e7c6497ebacc8b341ac89974f6f255.tar.xz wordpress-mu-89fe0ff804e7c6497ebacc8b341ac89974f6f255.zip |
WP Merge to rev 5499, this is a big one! Test it before you put it live!
Test only, not for production use yet
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@972 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-admin/admin-functions.php')
-rw-r--r-- | wp-admin/admin-functions.php | 93 |
1 files changed, 82 insertions, 11 deletions
diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php index 7b9507c..10f8eeb 100644 --- a/wp-admin/admin-functions.php +++ b/wp-admin/admin-functions.php @@ -490,7 +490,7 @@ function edit_user( $user_id = 0 ) { if ( isset( $_POST['email'] )) $user->user_email = wp_specialchars( trim( $_POST['email'] )); if ( isset( $_POST['url'] ) ) { - $user->user_url = wp_specialchars( trim( $_POST['url'] )); + $user->user_url = clean_url( trim( $_POST['url'] )); $user->user_url = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url; } if ( isset( $_POST['first_name'] )) @@ -702,6 +702,7 @@ function get_nested_categories( $default = 0, $parent = 0 ) { } } + $result = apply_filters('get_nested_categories', $result); usort( $result, 'sort_cats' ); return $result; @@ -774,6 +775,8 @@ function cat_rows( $parent = 0, $level = 0, $categories = 0 ) { if (!$categories ) $categories = get_categories( 'hide_empty=0' ); + $children = _get_category_hierarchy(); + if ( $categories ) { ob_start(); foreach ( $categories as $category ) { @@ -783,7 +786,8 @@ function cat_rows( $parent = 0, $level = 0, $categories = 0 ) { } if ( $category->category_parent == $parent) { echo "\t" . _cat_row( $category, $level ); - cat_rows( $category->cat_ID, $level +1, $categories ); + if ( isset($children[$category->cat_ID]) ) + cat_rows( $category->cat_ID, $level +1, $categories ); } } $output = ob_get_contents(); @@ -815,8 +819,8 @@ function _cat_row( $category, $level, $name_override = false ) { $class = ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) || " class='alternate'" == $class ) ? '' : " class='alternate'"; - $category->category_count = number_format( $category->category_count ); - $category->link_count = number_format( $category->link_count ); + $category->category_count = number_format_i18n( $category->category_count ); + $category->link_count = number_format_i18n( $category->link_count ); $posts_count = ( $category->category_count > 0 ) ? "<a href='edit.php?cat=$category->cat_ID'>$category->category_count</a>" : $category->category_count; return "<tr id='cat-$category->cat_ID'$class> <th scope='row' style='text-align: center'>$category->cat_ID</th> @@ -898,6 +902,68 @@ function user_row( $user_object, $style = '' ) { return $r; } +function _wp_get_comment_list( $s = false, $start, $num ) { + global $wpdb; + + $start = (int) $start; + $num = (int) $num; + + if ( $s ) { + $s = $wpdb->escape($s); + $comments = $wpdb->get_results("SELECT SQL_CALC_FOUND_ROWS * FROM $wpdb->comments WHERE + (comment_author LIKE '%$s%' OR + comment_author_email LIKE '%$s%' OR + comment_author_url LIKE ('%$s%') OR + comment_author_IP LIKE ('%$s%') OR + comment_content LIKE ('%$s%') ) AND + comment_approved != 'spam' + ORDER BY comment_date DESC LIMIT $start, $num"); + } else { + $comments = $wpdb->get_results( "SELECT SQL_CALC_FOUND_ROWS * FROM $wpdb->comments WHERE comment_approved = '0' OR comment_approved = '1' ORDER BY comment_date DESC LIMIT $start, $num" ); + } + + $total = $wpdb->get_var( "SELECT FOUND_ROWS()" ); + + return array($comments, $total); +} + +function _wp_comment_list_item( $id, $alt = 0 ) { + global $authordata, $comment, $wpdb; + $id = (int) $id; + $comment =& get_comment( $id ); + $class = ''; + $authordata = get_userdata($wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $comment->comment_post_ID")); + $comment_status = wp_get_comment_status($comment->comment_ID); + if ( 'unapproved' == $comment_status ) + $class .= ' unapproved'; + if ( $alt % 2 ) + $class .= ' alternate'; + echo "<li id='comment-$comment->comment_ID' class='$class'>"; +?> +<p><strong><?php comment_author(); ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p> + +<?php comment_text() ?> + +<p><?php comment_date(__('M j, g:i A')); ?> — [ +<?php +if ( current_user_can('edit_post', $comment->comment_post_ID) ) { + echo " <a href='comment.php?action=editcomment&c=".$comment->comment_ID."'>" . __('Edit') . '</a>'; + echo ' | <a href="' . wp_nonce_url('ocomment.php?action=deletecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> '; + if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) { + echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>'; + echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>'; + } + echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&dt=spam&p=" . $comment->comment_post_ID . "&c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . "</a> "; +} +$post = get_post($comment->comment_post_ID); +$post_title = wp_specialchars( $post->post_title, 'double' ); +$post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title; +?> + ] — <a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php echo $post_title; ?></a></p> + </li> +<?php +} + function wp_dropdown_cats( $currentcat = 0, $currentparent = 0, $parent = 0, $level = 0, $categories = 0 ) { global $wpdb; if (!$categories ) @@ -1279,6 +1345,7 @@ function get_page_templates() { function page_template_dropdown( $default = '' ) { $templates = get_page_templates(); + ksort( $templates ); foreach (array_keys( $templates ) as $template ) : if ( $default == $templates[$template] ) $selected = " selected='selected'"; @@ -1684,7 +1751,7 @@ function get_plugin_data( $plugin_file ) { $author = '<a href="' . trim( $author_uri[1] ) . '" title="'.__( 'Visit author homepage' ).'">' . trim( $author_name[1] ) . '</a>'; } - return array ('Name' => $name, 'Title' => $plugin, 'Description' => $description, 'Author' => $author, 'Version' => $version, 'Template' => $template[1] ); + return array('Name' => $name, 'Title' => $plugin, 'Description' => $description, 'Author' => $author, 'Version' => $version); } function get_plugins() { @@ -1701,20 +1768,20 @@ function get_plugins() { $plugins_dir = @ dir( $plugin_root); if ( $plugins_dir ) { while (($file = $plugins_dir->read() ) !== false ) { - if ( preg_match( '|^\.+$|', $file )) + if ( substr($file, 0, 1) == '.' ) continue; if ( is_dir( $plugin_root.'/'.$file ) ) { $plugins_subdir = @ dir( $plugin_root.'/'.$file ); if ( $plugins_subdir ) { while (($subfile = $plugins_subdir->read() ) !== false ) { - if ( preg_match( '|^\.+$|', $subfile )) + if ( substr($subfile, 0, 1) == '.' ) continue; - if ( preg_match( '|\.php$|', $subfile )) + if ( substr($subfile, -4) == '.php' ) $plugin_files[] = "$file/$subfile"; } } } else { - if ( preg_match( '|\.php$|', $file )) + if ( substr($file, -4) == '.php' ) $plugin_files[] = $file; } } @@ -1795,7 +1862,7 @@ function register_importer( $id, $name, $description, $callback ) { function get_importers() { global $wp_importers; - + uasort($wp_importers, create_function('$a, $b', 'return strcmp($a[0], $b[0]);')); return $wp_importers; } @@ -1878,8 +1945,11 @@ function wp_handle_upload( &$file, $overrides = false ) { extract( $wp_filetype ); - if ( !$type || !$ext ) + if ( ( !$type || !$ext ) && !current_user_can( 'unfiltered_upload' ) ) return $upload_error_handler( $file, __( 'File type does not meet security guidelines. Try another.' )); + + if ( !$ext ) + $ext = strrchr($file['name'], '.'); } // A writable uploads dir will pass this test. Again, there's no point overriding this one. @@ -1950,6 +2020,7 @@ function wp_import_upload_form( $action ) { ?> <form enctype="multipart/form-data" id="import-upload-form" method="post" action="<?php echo attribute_escape($action) ?>"> <p> +<?php wp_nonce_field('import-upload'); ?> <label for="upload"><?php _e( 'Choose a file from your computer:' ); ?></label> (<?php printf( __('Maximum size: %s' ), $size ); ?> ) <input type="file" id="upload" name="import" size="25" /> <input type="hidden" name="action" value="save" /> |