| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-10-12 16:21:15 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-10-12 16:21:15 +0000 |
| commit | 3a4570b0fc8b3d6339bef71d17d7701554e0bbf7 (patch) | |
| tree | 2a06e5261263c68d8afd95a6328879dc289cb909 /wp-admin/includes/post.php | |
| parent | b83c34a7010faee0223f6037025c350da12e05e6 (diff) | |
Merge with WP 2.3 - testing use only!
Move pluggable functions out of wpmu-functions and into pluggable.php, fixes #439
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1069 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-admin/includes/post.php')
| -rw-r--r-- | wp-admin/includes/post.php | 471 |
1 files changed, 471 insertions, 0 deletions
diff --git a/wp-admin/includes/post.php b/wp-admin/includes/post.php
new file mode 100644
index 0000000..e27482c
--- /dev/null
+++ b/wp-admin/includes/post.php
@@ -0,0 +1,471 @@
+<?php
+
+// Update an existing post with values provided in $_POST.
+function edit_post() {
+ global $user_ID;
+
+ $post_ID = (int) $_POST['post_ID'];
+
+ if ( 'page' == $_POST['post_type'] ) {
+ if ( !current_user_can( 'edit_page', $post_ID ) )
+ wp_die( __('You are not allowed to edit this page.' ));
+ } else {
+ if ( !current_user_can( 'edit_post', $post_ID ) )
+ wp_die( __('You are not allowed to edit this post.' ));
+ }
+
+ // Autosave shouldn't save too soon after a real save
+ if ( 'autosave' == $_POST['action'] ) {
+ $post =& get_post( $post_ID );
+ $now = time();
+ $then = strtotime($post->post_date_gmt . ' +0000');
+ // Keep autosave_interval in sync with autosave-js.php.
+ $delta = apply_filters( 'autosave_interval', 120 ) / 2;
+ if ( ($now - $then) < $delta )
+ return $post_ID;
+ }
+
+ // Rename.
+ $_POST['ID'] = (int) $_POST['post_ID'];
+ $_POST['post_content'] = $_POST['content'];
+ $_POST['post_excerpt'] = $_POST['excerpt'];
+ $_POST['post_parent'] = $_POST['parent_id'];
+ $_POST['to_ping'] = $_POST['trackback_url'];
+
+ if (!empty ( $_POST['post_author_override'] ) ) {
+ $_POST['post_author'] = (int) $_POST['post_author_override'];
+ } else
+ if (!empty ( $_POST['post_author'] ) ) {
+ $_POST['post_author'] = (int) $_POST['post_author'];
+ } else {
+ $_POST['post_author'] = (int) $_POST['user_ID'];
+ }
+
+ if ( $_POST['post_author'] != $_POST['user_ID'] ) {
+ if ( 'page' == $_POST['post_type'] ) {
+ if ( !current_user_can( 'edit_others_pages' ) )
+ wp_die( __('You are not allowed to edit pages as this user.' ));
+ } else {
+ if ( !current_user_can( 'edit_others_posts' ) )
+ wp_die( __('You are not allowed to edit posts as this user.' ));
+
+ }
+ }
+
+ // What to do based on which button they pressed
+ if ('' != $_POST['saveasdraft'] )
+ $_POST['post_status'] = 'draft';
+ if ('' != $_POST['saveasprivate'] )
+ $_POST['post_status'] = 'private';
+ if ('' != $_POST['publish'] )
+ $_POST['post_status'] = 'publish';
+ if ('' != $_POST['advanced'] )
+ $_POST['post_status'] = 'draft';
+
+ if ( 'page' == $_POST['post_type'] ) {
+ if ('publish' == $_POST['post_status'] && !current_user_can( 'edit_published_pages' ))
+ $_POST['post_status'] = 'pending';
+ } else {
+ if ('publish' == $_POST['post_status'] && !current_user_can( 'edit_published_posts' ))
+ $_POST['post_status'] = 'pending';
+ }
+
+ if (!isset( $_POST['comment_status'] ))
+ $_POST['comment_status'] = 'closed';
+
+ if (!isset( $_POST['ping_status'] ))
+ $_POST['ping_status'] = 'closed';
+
+ if (!empty ( $_POST['edit_date'] ) ) {
+ $aa = $_POST['aa'];
+ $mm = $_POST['mm'];
+ $jj = $_POST['jj'];
+ $hh = $_POST['hh'];
+ $mn = $_POST['mn'];
+ $ss = $_POST['ss'];
+ $jj = ($jj > 31 ) ? 31 : $jj;
+ $hh = ($hh > 23 ) ? $hh -24 : $hh;
+ $mn = ($mn > 59 ) ? $mn -60 : $mn;
+ $ss = ($ss > 59 ) ? $ss -60 : $ss;
+ $_POST['post_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
+ $_POST['post_date_gmt'] = get_gmt_from_date( "$aa-$mm-$jj $hh:$mn:$ss" );
+ }
+
+ // Meta Stuff
+ if ( $_POST['meta'] ) {
+ foreach ( $_POST['meta'] as $key => $value )
+ update_meta( $key, $value['key'], $value['value'] );
+ }
+
+ if ( $_POST['deletemeta'] ) {
+ foreach ( $_POST['deletemeta'] as $key => $value )
+ delete_meta( $key );
+ }
+
+ add_meta( $post_ID );
+
+ wp_update_post( $_POST );
+
+ // Reunite any orphaned attachments with their parent
+ if ( !$draft_ids = get_user_option( 'autosave_draft_ids' ) )
+ $draft_ids = array();
+ if ( $draft_temp_id = (int) array_search( $post_ID, $draft_ids ) )
+ _relocate_children( $draft_temp_id, $post_ID );
+
+ // Now that we have an ID we can fix any attachment anchor hrefs
+ _fix_attachment_links( $post_ID );
+
+ return $post_ID;
+}
+
+// Default post information to use when populating the "Write Post" form.
+function get_default_post_to_edit() {
+ if ( !empty( $_REQUEST['post_title'] ) )
+ $post_title = wp_specialchars( stripslashes( $_REQUEST['post_title'] ));
+ else if ( !empty( $_REQUEST['popuptitle'] ) ) {
+ $post_title = wp_specialchars( stripslashes( $_REQUEST['popuptitle'] ));
+ $post_title = funky_javascript_fix( $post_title );
+ } else {
+ $post_title = '';
+ }
+
+ if ( !empty( $_REQUEST['content'] ) )
+ $post_content = wp_specialchars( stripslashes( $_REQUEST['content'] ));
+ else if ( !empty( $post_title ) ) {
+ $text = wp_specialchars( stripslashes( urldecode( $_REQUEST['text'] ) ) );
+ $text = funky_javascript_fix( $text);
+ $popupurl = clean_url($_REQUEST['popupurl']);
+ $post_content = '<a href="'.$popupurl.'">'.$post_title.'</a>'."\n$text";
+ }
+
+ if ( !empty( $_REQUEST['excerpt'] ) )
+ $post_excerpt = wp_specialchars( stripslashes( $_REQUEST['excerpt'] ));
+ else
+ $post_excerpt = '';
+
+ $post->post_status = 'draft';
+ $post->comment_status = get_option( 'default_comment_status' );
+ $post->ping_status = get_option( 'default_ping_status' );
+ $post->post_pingback = get_option( 'default_pingback_flag' );
+ $post->post_category = get_option( 'default_category' );
+ $post->post_content = apply_filters( 'default_content', $post_content);
+ $post->post_title = apply_filters( 'default_title', $post_title );
+ $post->post_excerpt = apply_filters( 'default_excerpt', $post_excerpt);
+ $post->page_template = 'default';
+ $post->post_parent = 0;
+ $post->menu_order = 0;
+
+ return $post;
+}
+
+// Get an existing post and format it for editing.
+function get_post_to_edit( $id ) {
+
+ $post = get_post( $id, OBJECT, 'edit' );
+
+ if ( $post->post_type == 'page' )
+ $post->page_template = get_post_meta( $id, '_wp_page_template', true );
+
+ return $post;
+}
+
+function post_exists($title, $content = '', $post_date = '') {
+ global $wpdb;
+
+ if (!empty ($post_date))
+ $post_date = "AND post_date = '$post_date'";
+
+ if (!empty ($title))
+ return $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$title' $post_date");
+ else
+ if (!empty ($content))
+ return $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_content = '$content' $post_date");
+
+ return 0;
+}
+
+// Creates a new post from the "Write Post" form using $_POST information.
+function wp_write_post() {
+ global $user_ID;
+
+ if ( 'page' == $_POST['post_type'] ) {
+ if ( !current_user_can( 'edit_pages' ) )
+ return new WP_Error( 'edit_pages', __( 'You are not allowed to create pages on this blog.' ) );
+ } else {
+ if ( !current_user_can( 'edit_posts' ) )
+ return new WP_Error( 'edit_posts', __( 'You are not allowed to create posts or drafts on this blog.' ) );
+ }
+
+
+ // Check for autosave collisions
+ $temp_id = false;
+ if ( isset($_POST['temp_ID']) ) {
+ $temp_id = (int) $_POST['temp_ID'];
+ if ( !$draft_ids = get_user_option( 'autosave_draft_ids' ) )
+ $draft_ids = array();
+ foreach ( $draft_ids as $temp => $real )
+ if ( time() + $temp > 86400 ) // 1 day: $temp is equal to -1 * time( then )
+ unset($draft_ids[$temp]);
+
+ if ( isset($draft_ids[$temp_id]) ) { // Edit, don't write
+ $_POST['post_ID'] = $draft_ids[$temp_id];
+ unset($_POST['temp_ID']);
+ update_user_option( $user_ID, 'autosave_draft_ids', $draft_ids );
+ return edit_post();
+ }
+ }
+
+ // Rename.
+ $_POST['post_content'] = $_POST['content'];
+ $_POST['post_excerpt'] = $_POST['excerpt'];
+ $_POST['post_parent'] = $_POST['parent_id'];
+ $_POST['to_ping'] = $_POST['trackback_url'];
+
+ if (!empty ( $_POST['post_author_override'] ) ) {
+ $_POST['post_author'] = (int) $_POST['post_author_override'];
+ } else {
+ if (!empty ( $_POST['post_author'] ) ) {
+ $_POST['post_author'] = (int) $_POST['post_author'];
+ } else {
+ $_POST['post_author'] = (int) $_POST['user_ID'];
+ }
+
+ }
+
+ if ( $_POST['post_author'] != $_POST['user_ID'] ) {
+ if ( 'page' == $_POST['post_type'] ) {
+ if ( !current_user_can( 'edit_others_pages' ) )
+ return new WP_Error( 'edit_others_pages', __( 'You are not allowed to create pages as this user.' ) );
+ } else {
+ if ( !current_user_can( 'edit_others_posts' ) )
+ return new WP_Error( 'edit_others_posts', __( 'You are not allowed to post as this user.' ) );
+
+ }
+ }
+
+ // What to do based on which button they pressed
+ if ('' != $_POST['saveasdraft'] )
+ $_POST['post_status'] = 'draft';
+ if ('' != $_POST['saveasprivate'] )
+ $_POST['post_status'] = 'private';
+ if ('' != $_POST['publish'] )
+ $_POST['post_status'] = 'publish';
+ if ('' != $_POST['advanced'] )
+ $_POST['post_status'] = 'draft';
+
+ if ( 'page' == $_POST['post_type'] ) {
+ if ('publish' == $_POST['post_status'] && !current_user_can( 'publish_pages' ) )
+ $_POST['post_status'] = 'pending';
+ } else {
+ if ('publish' == $_POST['post_status'] && !current_user_can( 'publish_posts' ) )
+ $_POST['post_status'] = 'pending';
+ }
+
+ if (!isset( $_POST['comment_status'] ))
+ $_POST['comment_status'] = 'closed';
+
+ if (!isset( $_POST['ping_status'] ))
+ $_POST['ping_status'] = 'closed';
+
+ if (!empty ( $_POST['edit_date'] ) ) {
+ $aa = $_POST['aa'];
+ $mm = $_POST['mm'];
+ $jj = $_POST['jj'];
+ $hh = $_POST['hh'];
+ $mn = $_POST['mn'];
+ $ss = $_POST['ss'];
+ $jj = ($jj > 31 ) ? 31 : $jj;
+ $hh = ($hh > 23 ) ? $hh -24 : $hh;
+ $mn = ($mn > 59 ) ? $mn -60 : $mn;
+ $ss = ($ss > 59 ) ? $ss -60 : $ss;
+ $_POST['post_date'] = sprintf( "%04d-%02d-%02d %02d:%02d:%02d", $aa, $mm, $jj, $hh, $mn, $ss );
+ $_POST['post_date_gmt'] = get_gmt_from_date( $_POST['post_date'] );
+ }
+
+ // Create the post.
+ $post_ID = wp_insert_post( $_POST );
+ if ( is_wp_error( $post_ID ) )
+ return $post_ID;
+
+ if ( empty($post_ID) )
+ return 0;
+
+ add_meta( $post_ID );
+
+ // Reunite any orphaned attachments with their parent
+ if ( !$draft_ids = get_user_option( 'autosave_draft_ids' ) )
+ $draft_ids = array();
+ if ( $draft_temp_id = (int) array_search( $post_ID, $draft_ids ) )
+ _relocate_children( $draft_temp_id, $post_ID );
+ if ( $temp_id && $temp_id != $draft_temp_id )
+ _relocate_children( $temp_id, $post_ID );
+
+ // Update autosave collision detection
+ if ( $temp_id ) {
+ $draft_ids[$temp_id] = $post_ID;
+ update_user_option( $user_ID, 'autosave_draft_ids', $draft_ids );
+ }
+
+ // Now that we have an ID we can fix any attachment anchor hrefs
+ _fix_attachment_links( $post_ID );
+
+ return $post_ID;
+}
+
+function write_post() {
+ $result = wp_write_post();
+ if( is_wp_error( $result ) )
+ wp_die( $result->get_error_message() );
+ else
+ return $result;
+}
+
+//
+// Post Meta
+//
+
+function add_meta( $post_ID ) {
+ global $wpdb;
+ $post_ID = (int) $post_ID;
+
+ $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' );
+
+ $metakeyselect = $wpdb->escape( stripslashes( trim( $_POST['metakeyselect'] ) ) );
+ $metakeyinput = $wpdb->escape( stripslashes( trim( $_POST['metakeyinput'] ) ) );
+ $metavalue = maybe_serialize( stripslashes( (trim( $_POST['metavalue'] ) ) ));
+ $metavalue = $wpdb->escape( $metavalue );
+
+ if ( ('0' === $metavalue || !empty ( $metavalue ) ) && ((('#NONE#' != $metakeyselect) && !empty ( $metakeyselect) ) || !empty ( $metakeyinput) ) ) {
+ // We have a key/value pair. If both the select and the
+ // input for the key have data, the input takes precedence:
+
+ if ('#NONE#' != $metakeyselect)
+ $metakey = $metakeyselect;
+
+ if ( $metakeyinput)
+ $metakey = $metakeyinput; // default
+
+ if ( in_array($metakey, $protected) )
+ return false;
+
+ $result = $wpdb->query( "
+ INSERT INTO $wpdb->postmeta
+ (post_id,meta_key,meta_value )
+ VALUES ('$post_ID','$metakey','$metavalue' )
+ " );
+ return $wpdb->insert_id;
+ }
+ return false;
+} // add_meta
+
+function delete_meta( $mid ) {
+ global $wpdb;
+ $mid = (int) $mid;
+
+ return $wpdb->query( "DELETE FROM $wpdb->postmeta WHERE meta_id = '$mid'" );
+}
+
+// Get a list of previously defined keys
+function get_meta_keys() {
+ global $wpdb;
+
+ $keys = $wpdb->get_col( "
+ SELECT meta_key
+ FROM $wpdb->postmeta
+ GROUP BY meta_key
+ ORDER BY meta_key" );
+
+ return $keys;
+}
+
+function get_post_meta_by_id( $mid ) {
+ global $wpdb;
+ $mid = (int) $mid;
+
+ $meta = $wpdb->get_row( "SELECT * FROM $wpdb->postmeta WHERE meta_id = '$mid'" );
+ if ( is_serialized_string( $meta->meta_value ) )
+ $meta->meta_value = maybe_unserialize( $meta->meta_value );
+ return $meta;
+}
+
+// Some postmeta stuff
+function has_meta( $postid ) {
+ global $wpdb;
+
+ return $wpdb->get_results( "
+ SELECT meta_key, meta_value, meta_id, post_id
+ FROM $wpdb->postmeta
+ WHERE post_id = '$postid'
+ ORDER BY meta_key,meta_id", ARRAY_A );
+
+}
+
+function update_meta( $mid, $mkey, $mvalue ) {
+ global $wpdb;
+
+ $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' );
+
+ if ( in_array($mkey, $protected) )
+ return false;
+
+ $mvalue = maybe_serialize( stripslashes( $mvalue ));
+ $mvalue = $wpdb->escape( $mvalue );
+ $mid = (int) $mid;
+ return $wpdb->query( "UPDATE $wpdb->postmeta SET meta_key = '$mkey', meta_value = '$mvalue' WHERE meta_id = '$mid'" );
+}
+
+//
+// Private
+//
+
+// Replace hrefs of attachment anchors with up-to-date permalinks.
+function _fix_attachment_links( $post_ID ) {
+ global $wp_rewrite;
+
+ $post = & get_post( $post_ID, ARRAY_A );
+
+ $search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#ie";
+
+ // See if we have any rel="attachment" links
+ if ( 0 == preg_match_all( $search, $post['post_content'], $anchor_matches, PREG_PATTERN_ORDER ) )
+ return;
+
+ $i = 0;
+ $search = "#[\s]+rel=(\"|')(.*?)wp-att-(\d+)\\1#i";
+ foreach ( $anchor_matches[0] as $anchor ) {
+ if ( 0 == preg_match( $search, $anchor, $id_matches ) )
+ continue;
+
+ $id = (int) $id_matches[3];
+
+ // While we have the attachment ID, let's adopt any orphans.
+ $attachment = & get_post( $id, ARRAY_A );
+ if ( ! empty( $attachment) && ! is_object( get_post( $attachment['post_parent'] ) ) ) {
+ $attachment['post_parent'] = $post_ID;
+ // Escape data pulled from DB.
+ $attachment = add_magic_quotes( $attachment);
+ wp_update_post( $attachment);
+ }
+
+ $post_search[$i] = $anchor;
+ $post_replace[$i] = preg_replace( "#href=(\"|')[^'\"]*\\1#e", "stripslashes( 'href=\\1' ).get_attachment_link( $id ).stripslashes( '\\1' )", $anchor );
+ ++$i;
+ }
+
+ $post['post_content'] = str_replace( $post_search, $post_replace, $post['post_content'] );
+
+ // Escape data pulled from DB.
+ $post = add_magic_quotes( $post);
+
+ return wp_update_post( $post);
+}
+
+// Move child posts to a new parent
+function _relocate_children( $old_ID, $new_ID ) {
+ global $wpdb;
+ $old_ID = (int) $old_ID;
+ $new_ID = (int) $new_ID;
+ return $wpdb->query( "UPDATE $wpdb->posts SET post_parent = $new_ID WHERE post_parent = $old_ID" );
+}
+
+?>
\ No newline at end of file |
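Review bot: In both `edit_post()` and `wp_write_post()` the author check `if ( $_POST['post_author'] != $_POST['user_ID'] )` compares two request-supplied values, so unless `$_POST['user_ID']` is overwritten with the session user before these functions run (not visible in this file) the `edit_others_posts` / `edit_others_pages` test is not bound to the logged-in user. Both functions already declare `global $user_ID;`, so the comparison and the fallback assignment should use it: `if ( $_POST['post_author'] != $user_ID )` and `$_POST['post_author'] = (int) $user_ID;`. A related gap in `edit_post()`: the capability check covers only `$post_ID`, while the `$_POST['meta']` and `$_POST['deletemeta']` loops hand request-supplied ids to `update_meta()` / `delete_meta()`, which filter on `meta_id` alone; each row should be looked up with `get_post_meta_by_id()` and skipped unless its `post_id` equals `$post_ID`. In the same area, `update_meta()` interpolates `$mkey` into the UPDATE without `$wpdb->escape()` (so it relies on the value arriving pre-slashed), and `has_meta()` interpolates `$postid` without the `(int)` cast that `delete_meta()` and `get_post_meta_by_id()` apply.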
