| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2008-07-03 17:00:59 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2008-07-03 17:00:59 +0000 |
| commit | 2b6348978ec434e2fa4114085783cf9ada097b22 (patch) | |
| tree | a3745bb9ace00b0a8f687bc8c1bfb74bb885077c /wp-admin/press-this.php | |
| parent | 102dc1d903d95fd7abdf2243d7e047b4b20099d3 (diff) | |
WP Merge to rev 8249
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1347 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-admin/press-this.php')
| -rw-r--r-- | wp-admin/press-this.php | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/wp-admin/press-this.php b/wp-admin/press-this.php index 8365cfd..56d5a27 100644 --- a/wp-admin/press-this.php +++ b/wp-admin/press-this.php @@ -115,7 +115,7 @@ function aposfix($text) { } // Ajax Requests -$title = wp_specialchars(stripslashes($_GET['t'])); +$title = wp_specialchars(aposfix(stripslashes($_GET['t']))); $selection = str_replace("\n", "<br />", aposfix( stripslashes($_GET['s']) ) ); $url = clean_url($_GET['u']); @@ -136,8 +136,8 @@ if($_REQUEST['ajax'] == 'thickbox') { ?> <input id="this_photo_description" name="photo_description" class="text" onkeypress="if(event.keyCode==13) image_selector();" value="<?php echo attribute_escape($title);?>"/> </div> - <p><input type="hidden" name="this_photo" value="<?php echo $image; ?>" id="this_photo" /> - <a href="#" class="select"><img src="<?php echo $image; ?>" width="475" alt="<?php echo attribute_escape(__('Click to insert.')); ?>" title="<?php echo attribute_escape(__('Click to insert.')); ?>" /></a></p> + <p><input type="hidden" name="this_photo" value="<?php echo attribute_escape($image); ?>" id="this_photo" /> + <a href="#" class="select"><img src="<?php echo clean_url($image); ?>" width="475" alt="<?php echo attribute_escape(__('Click to insert.')); ?>" title="<?php echo attribute_escape(__('Click to insert.')); ?>" /></a></p> <p id="options"><a href="#" class="select"><?php _e('Insert Image'); ?></a> | <a href="#" class="cancel"><?php _e('Cancel'); ?></a></p> <?php die; 
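Review bot: In the thickbox hunk (-136) the hidden `this_photo` field gets `attribute_escape($image)` while the `<img src>` beside it gets `clean_url($image)`, so the value that is posted back is quote-safe but not scheme-restricted. If the code that consumes `this_photo` later writes it into a `src` or `href` (not visible in this hunk), it has to apply `clean_url()` again at that point. Alternatively the hidden field could carry the already filtered value, `value="<?php echo attribute_escape(clean_url($image)); ?>"`, so both sinks see the same string. Where `$image` is assigned is outside the hunk, so confirm it is not already filtered before adding a second pass.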
@@ -171,14 +171,14 @@ if($_REQUEST['ajax'] == 'thickbox_url') { ?> if($_REQUEST['ajax'] == 'video') { ?> <h2 id="embededcode"><label for="embed_code"><?php _e('Embed Code') ?></label></h2> <div class="titlewrap" > - <textarea name="embed_code" id="embed_code" rows="8" cols="40"><?php echo $selection; ?></textarea> + <textarea name="embed_code" id="embed_code" rows="8" cols="40"><?php echo format_to_edit($selection); ?></textarea> </div> <?php die; } if($_REQUEST['ajax'] == 'photo_images') { function get_images_from_uri($uri) { - if(preg_match('/\.(jpg|png|gif)/', $uri) && !strpos($uri,'blogger.com')) + if(preg_match('/\.(jpg|jpe|jpeg|png|gif)/', $uri) && !strpos($uri,'blogger.com')) return "'".$uri."'"; $content = wp_remote_fopen($uri); @@ -186,7 +186,7 @@ if($_REQUEST['ajax'] == 'photo_images') { $host = parse_url($uri); - $pattern = '/<img ([^>]*)src=(\"|\')(.+?)(\2)([^>\/]*)\/*>/is'; + $pattern = '/<img ([^>]*)src=(\"|\')([^<>]+?\.(png|jpeg|jpg|jpe|gif))(\2)([^>\/]*)\/*>/is'; preg_match_all($pattern, $content, $matches); if ( empty($matches[1]) ) return ''; @@ -199,7 +199,7 @@ if($_REQUEST['ajax'] == 'photo_images') { else $src = 'http://'.str_replace('//','/', $host['host'].'/'.$host['path'].'/'.$src); - $sources[] = $src; + $sources[] = clean_url($src); } return "'" . implode("','", $sources) . "'"; } @@ -400,7 +400,7 @@ if($_REQUEST['ajax'] == 'photo') { ?> case 'quote' : set_menu('quote'); set_title('<?php _e('Quote') ?>'); - set_editor("<blockquote><p><?php echo $selection; ?> </p><p><cite><a href='<?php echo $url; ?>'><?php echo $title; ?> </a> </cite> </p></blockquote>"); + set_editor("<blockquote><p><?php echo format_to_edit($selection); ?> </p><p><cite><a href='<?php echo $url; ?>'><?php echo $title; ?> </a> </cite> </p></blockquote>"); return false; break; case 'video' : 
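Review bot: The early return `return "'".$uri."'";` in get_images_from_uri() (hunk -171) still emits `$uri` raw inside single quotes, while the -199 hunk of the same function wraps every scraped source in `clean_url()`. The two return paths should agree: `return "'" . clean_url($uri) . "'";`. The extension test is also unanchored, so `/\.(jpg|jpe|jpeg|png|gif)/` matches `.gif` anywhere in the string, including the host or the query; anchoring it, for example `/\.(jpe?g|jpe|png|gif)(\?.*)?$/i`, keeps non-image URLs from skipping the fetch-and-parse path. The caller that supplies `$uri` and the rest of the function body are outside this hunk.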
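Review bot: `clean_url()` returns an empty string for a URL it rejects, and the -199 hunk appends its result unconditionally, so rejected sources become `''` entries in the quoted list built by `implode("','", $sources)`. Guarding the append keeps the list to usable image URLs: `$src = clean_url($src);` followed by `if ( $src != '' ) $sources[] = $src;`. The loop header is outside the hunk.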
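Review bot: In the 'quote' case (hunk -400) `format_to_edit($selection)` is echoed inside a double-quoted JavaScript string literal, `set_editor("…")`, but as far as I know it is an HTML encoder meant for textarea content and does nothing for backslashes or line terminators. Only `\n` is replaced where `$selection` is built, so a carriage return or a trailing backslash in the selection leaves the literal malformed. The file already calls `js_escape()` for the 'Loading...' string; the value here wants a JavaScript-string encoder as the outermost step, e.g. `set_editor("<?php echo js_escape(format_to_edit($selection)); ?>");`, after checking how the editor renders the doubly encoded markup. The same applies to the `set_editor()` call in the 'photo' case (hunk -434) and to `$title` and `$url` echoed in the same literal.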
@@ -420,8 +420,9 @@ if($_REQUEST['ajax'] == 'photo') { ?> list($domain, $video_id) = split(".com/", $url); $content = '<object width="400" height="225"><param name="allowfullscreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="movie" value="http://www.vimeo.com/moogaloop.swf?clip_id=' . $video_id . '&server=www.vimeo.com&show_title=1&show_byline=1&show_portrait=0&color=&fullscreen=1" /> <embed src="http://www.vimeo.com/moogaloop.swf?clip_id=' . $video_id . '&server=www.vimeo.com&show_title=1&show_byline=1&show_portrait=0&color=&fullscreen=1" type="application/x-shockwave-flash" allowfullscreen="true" allowscriptaccess="always" width="400" height="225"></embed></object>'; - if(trim($selection) == '') $selection = '<a href="http://www.vimeo.com/' . $video_id . '?pg=embed&sec=' . $video_id . '">' . $title . '</a> on <a href="http://vimeo.com?pg=embed&sec=' . $video_id . '">Vimeo</a>'; - }else { + if ( trim($selection) == '' ) + $selection = '<a href="http://www.vimeo.com/' . $video_id . '?pg=embed&sec=' . $video_id . '">' . $title . '</a> on <a href="http://vimeo.com?pg=embed&sec=' . $video_id . '">Vimeo</a>'; + } else { $content = $selection; } ?> jQuery('#embed_code').prepend('<?php echo htmlentities($content); ?>'); @@ -433,8 +434,8 @@ if($_REQUEST['ajax'] == 'photo') { ?> case 'photo' : set_menu('photo'); set_title('<?php _e('Post') ?>'); - <?php if($selection) { ?> - set_editor("<?php echo $selection; ?>"); + <?php if ($selection) { ?> + set_editor("<?php echo format_to_edit($selection); ?>"); <?php } ?> jQuery('#extra_fields').show(); jQuery('#extra_fields').before('<h2 id="waiting"><img src="images/loading.gif" alt="" /><?php echo js_escape( __( 'Loading...' ) ); ?></h2>'); 
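Review bot: In the `else` branch of the -420 hunk, `$content = $selection` reaches `jQuery('#embed_code').prepend('<?php echo htmlentities($content); ?>');`, a single-quoted JavaScript literal, and `htmlentities()` with its default flags leaves single quotes, backslashes and newlines untouched. Unless `aposfix()` (defined above this diff) removes every apostrophe, the selection text can end the literal early. Since the commit reformats this block anyway, the echo should go through a JavaScript-string encoder such as the `js_escape()` the file already uses. If `htmlentities()` is kept, pass `ENT_QUOTES` and an explicit charset so multibyte text is not mangled. The enclosing `case 'video'` block starts and ends outside the hunk.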
@@ -499,7 +500,7 @@ if($_REQUEST['ajax'] == 'photo') { ?> <div class="editor_area"> <h2 id="content_type"><label for="content"><?php _e('Post') ?></label></h2> <div class="editor-container"> - <textarea name="content" id="content" style="width:100%;" class="mceEditor"><?php if($selection) { ?><a href='<?php echo $url ?>'><?php echo $selection ?></a><?php } else { ?><a href='<?php echo $url ?>'><?php echo $title; ?></a><?php } ?></textarea> + <textarea name="content" id="content" style="width:100%;" class="mceEditor"><?php if ($selection) { ?><a href='<?php echo $url ?>'><?php echo format_to_edit($selection) ?></a><?php } else { ?><a href='<?php echo $url ?>'><?php echo $title; ?></a><?php } ?></textarea> </div> </div> </div> |
