author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-06-27 11:03:10 +0000 |
---|---|---|
committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-06-27 11:03:10 +0000 |
commit | 8db1e81228b0e295199f6e3ee8a99d223c48f8c2 (patch) | |
tree | 131d8b23b9e939a9c23f24ec650b343efa918c5c /wp-admin | |
parent | 13aff523358403d08dc7fcb0d844a2e6c12df41a (diff) | |
WP Merge
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@599 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-admin')
-rw-r--r-- | wp-admin/admin-functions.php | 4 | ||||
-rw-r--r-- | wp-admin/categories.php | 6 | ||||
-rw-r--r-- | wp-admin/comment.php | 16 | ||||
-rw-r--r-- | wp-admin/edit-page-form.php | 3 | ||||
-rw-r--r-- | wp-admin/import/blogger.php | 6 | ||||
-rw-r--r-- | wp-admin/inline-uploading.php | 6 | ||||
-rw-r--r-- | wp-admin/link.php | 10 | ||||
-rw-r--r-- | wp-admin/moderation.php | 2 | ||||
-rw-r--r-- | wp-admin/options-discussion.php | 3 | ||||
-rw-r--r-- | wp-admin/page.php | 8 | ||||
-rw-r--r-- | wp-admin/plugin-editor.php | 4 | ||||
-rw-r--r-- | wp-admin/plugins.php | 4 | ||||
-rw-r--r-- | wp-admin/post.php | 8 | ||||
-rw-r--r-- | wp-admin/templates.php | 6 | ||||
-rw-r--r-- | wp-admin/theme-editor.php | 4 | ||||
-rw-r--r-- | wp-admin/themes.php | 68 | ||||
-rw-r--r-- | wp-admin/user-edit.php | 13 | ||||
-rw-r--r-- | wp-admin/users.php | 12 |
18 files changed, 95 insertions, 88 deletions
diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php index 3cae3ae..038eb8c 100644 --- a/wp-admin/admin-functions.php +++ b/wp-admin/admin-functions.php @@ -412,8 +412,8 @@ function edit_user($user_id = 0) { if (isset ($_POST['pass2'])) $pass2 = $_POST['pass2']; - if (isset ($_POST['role'])) { - if($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users')) + if (isset ($_POST['role']) && current_user_can('edit_users')) { + if ($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users')) $user->role = $_POST['role']; } diff --git a/wp-admin/categories.php b/wp-admin/categories.php index 3e33f0c..7c66c6d 100644 --- a/wp-admin/categories.php +++ b/wp-admin/categories.php @@ -31,7 +31,7 @@ case 'addcat': wp_insert_category($_POST); - header('Location: categories.php?message=1#addcat'); + wp_redirect('categories.php?message=1#addcat'); break; case 'delete': @@ -52,7 +52,7 @@ case 'delete': wp_delete_category($cat_ID); - header('Location: categories.php?message=2'); + wp_redirect('categories.php?message=2'); break; @@ -74,7 +74,7 @@ case 'editedcat': wp_update_category($_POST); - header('Location: categories.php?message=3'); + wp_redirect('categories.php?message=3'); break; default: diff --git a/wp-admin/comment.php b/wp-admin/comment.php index 9adcba6..52ec008 100644 --- a/wp-admin/comment.php +++ b/wp-admin/comment.php @@ -118,9 +118,9 @@ case 'deletecomment': wp_delete_comment($comment->comment_ID); if ((wp_get_referer() != '') && (false == $noredir)) { - header('Location: ' . wp_get_referer()); + wp_redirect(wp_get_referer()); } else { - header('Location: '. get_settings('siteurl') .'/wp-admin/edit-comments.php'); + wp_redirect(get_settings('siteurl') .'/wp-admin/edit-comments.php'); } exit(); break; 
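Review bot: In the `edit_user()` hunk of wp-admin/admin-functions.php, `$_POST['role']` is still used as an array key and assigned without checking that the role exists. When `$user_id` differs from the current user, any submitted string is written to `$user->role`; when it matches, an unknown role name makes `$wp_roles->role_objects[$_POST['role']]` null and the `has_cap()` call fails. Adding `isset($wp_roles->role_objects[$_POST['role']])` to the outer condition would cover both paths. The hunk also compares against `$current_user->id` while the user-edit.php hunk in this commit uses `$current_user->ID`; it is worth confirming both properties are populated. The body of `edit_user()` continues outside the hunk.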
@@ -145,9 +145,9 @@ case 'unapprovecomment': wp_set_comment_status($comment->comment_ID, "hold"); if ((wp_get_referer() != "") && (false == $noredir)) { - header('Location: ' . wp_get_referer()); + wp_redirect(wp_get_referer()); } else { - header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); + wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); } exit(); break; @@ -176,9 +176,9 @@ case 'approvecomment': if ((wp_get_referer() != "") && (false == $noredir)) { - header('Location: ' . wp_get_referer()); + wp_redirect(wp_get_referer()); } else { - header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); + wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); } exit(); break; @@ -194,9 +194,9 @@ case 'editedcomment': $referredby = $_POST['referredby']; if (!empty($referredby)) { - header('Location: ' . $referredby); + wp_redirect($referredby); } else { - header ("Location: edit.php?p=$comment_post_ID&c=1#comments"); + wp_redirect("edit.php?p=$comment_post_ID&c=1#comments"); } break; diff --git a/wp-admin/edit-page-form.php b/wp-admin/edit-page-form.php index 14d5fa8..de6dd62 100644 --- a/wp-admin/edit-page-form.php +++ b/wp-admin/edit-page-form.php 
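Review bot: In the `editedcomment` hunk of wp-admin/comment.php the redirect target is `$_POST['referredby']`, taken from the request and passed to `wp_redirect()` after only an `empty()` test, so the destination is whatever the submitted form says. `wp_redirect()` is not shown on this page, so it is unclear whether it restricts the host; unless it does, the value should be checked against the site URL before use, falling back to the `edit.php?p=...` target otherwise. The `wp_get_referer()` targets in the `deletecomment`, `unapprovecomment` and `approvecomment` hunks deserve the same check, although that helper may already validate. This branch also ends in `break;` with no `exit();` after the redirect, unlike the other three cases.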
@@ -184,8 +184,9 @@ list_meta($metadata); </div> <?php if ('edit' == $action) : + $delete_nonce = wp_create_nonce( 'delete-page_' . $post_ID ); if ( current_user_can('delete_page', $post->ID) ) ?> - <input name="deletepost" class="delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "')\""; ?> /> + <input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> /> <?php endif; ?> </form> diff --git a/wp-admin/import/blogger.php b/wp-admin/import/blogger.php index 8de766c..f79a164 100644 --- a/wp-admin/import/blogger.php +++ b/wp-admin/import/blogger.php @@ -30,7 +30,7 @@ class Blogger_Import { // Deletes saved data and redirect.
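Review bot: In the wp-admin/edit-page-form.php hunk the line `if ( current_user_can('delete_page', $post->ID) ) ?>` does not guard the button that follows, because the closing tag acts as a statement terminator and leaves the `if` with an empty body. The delete button, and now the `delete-page_` nonce embedded in its `onclick`, are therefore emitted for every user who opens the form in edit mode, so the server-side delete handler has to enforce the capability on its own. Writing the check as `<?php if ( current_user_can('delete_page', $post->ID) ) : ?>` with a matching `<?php endif; ?>` would make it effective. The nonce is also built from `$post_ID` while the capability check uses `$post->ID`; the same identifier should be used for both.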
function restart() {
delete_option('import-blogger');
- header("Location: admin.php?import=blogger");
+ wp_redirect("admin.php?import=blogger");
die();
}
@@ -218,7 +218,7 @@ class Blogger_Import {
// Redirects to next step
function do_next_step() {
- header("Location: admin.php?import=blogger&noheader=true&blog={$_GET['blog']}");
+ wp_redirect("admin.php?import=blogger&noheader=true&blog={$_GET['blog']}");
die();
}
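Review bot: `do_next_step()` in wp-admin/import/blogger.php interpolates `$_GET['blog']` into the redirect URL without encoding, so characters such as `&` or `#` in the parameter change the query string of the next request. `wp_redirect()` is not shown on this page, so whatever cleaning it applies cannot be relied on from this hunk alone. Using `urlencode($_GET['blog'])` at the point of interpolation keeps the value a single parameter. A one-line comment stating where `blog` is validated would also help the next reader.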
@@ -278,7 +278,7 @@ class Blogger_Import {
);
}
update_option('import-blogger', $this->import);
- header("Location: admin.php?import=blogger&noheader=true&step=1");
+ wp_redirect("admin.php?import=blogger&noheader=true&step=1");
}
die();
}
diff --git a/wp-admin/inline-uploading.php b/wp-admin/inline-uploading.php
index 601f530..ca9f945 100644
--- a/wp-admin/inline-uploading.php
+++ b/wp-admin/inline-uploading.php
@@ -41,7 +41,7 @@ if ( !current_user_can('edit_post', (int) $attachment) )
wp_delete_attachment($attachment);
-header("Location: " . basename(__FILE__) ."?post=$post&all=$all&action=view&start=$start");
+wp_redirect(basename(__FILE__) ."?post=$post&all=$all&action=view&start=$start");
die;
case 'save':
@@ -105,7 +105,7 @@ if ( preg_match('!^image/!', $attachment['post_mime_type']) ) {
add_post_meta($id, '_wp_attachment_metadata', array());
}
-header("Location: " . basename(__FILE__) . "?post=$post&all=$all&action=view&start=0");
+wp_redirect(basename(__FILE__) . "?post=$post&all=$all&action=view&start=0");
die();
case 'upload':
@@ -144,7 +144,7 @@ if ( '' == $sort )
$attachments = $wpdb->get_results("SELECT ID, post_date, post_title, post_mime_type, guid FROM $wpdb->posts WHERE post_type = 'attachment' $and_type $and_post $and_user ORDER BY $sort LIMIT $start, $double", ARRAY_A);
if ( count($attachments) == 0 ) {
- header("Location: " . basename(__FILE__) ."?post=$post&action=upload" );
+ wp_redirect( basename(__FILE__) ."?post=$post&action=upload" );
die;
} elseif ( count($attachments) > $num ) {
$next = $start + count($attachments) - $num;
diff --git a/wp-admin/link.php b/wp-admin/link.php index ae61da3..967a02c 100644 --- a/wp-admin/link.php +++ b/wp-admin/link.php @@ -37,7 +37,7 @@ switch ($action) { //for each link id (in $linkcheck[]) change category to selected value if (count($linkcheck) == 0) { - header('Location: '.$this_file); + wp_redirect($this_file); exit; } @@ -49,7 +49,7 @@ switch ($action) { $deleted++; } - header("Location: $this_file?deleted=$deleted"); + wp_redirect("$this_file?deleted=$deleted"); break; case 'move' : @@ -61,14 +61,14 @@ switch ($action) { //for each link id (in $linkcheck[]) change category to selected value if (count($linkcheck) == 0) { - header('Location: '.$this_file); + wp_redirect($this_file); exit; } $all_links = join(',', $linkcheck); // should now have an array of links we can change //$q = $wpdb->query("update $wpdb->links SET link_category='$category' WHERE link_id IN ($all_links)"); - header('Location: '.$this_file); + wp_redirect($this_file); break; case 'add' : @@ -76,7 +76,7 @@ switch ($action) { add_link(); - header('Location: '.wp_get_referer().'?added=true'); + wp_redirect(wp_get_referer().'?added=true'); break; case 'save' : diff --git a/wp-admin/moderation.php b/wp-admin/moderation.php index 5839e6f..530a99e 100644 --- a/wp-admin/moderation.php +++ b/wp-admin/moderation.php @@ -70,7 +70,7 @@ case 'update': } $file = basename(__FILE__); - header("Location: $file?ignored=$item_ignored&deleted=$item_deleted&approved=$item_approved&spam=$item_spam"); + wp_redirect("$file?ignored=$item_ignored&deleted=$item_deleted&approved=$item_approved&spam=$item_spam"); exit(); break; diff --git a/wp-admin/options-discussion.php b/wp-admin/options-discussion.php index 247c01f..c96b246 100644 --- a/wp-admin/options-discussion.php +++ b/wp-admin/options-discussion.php 
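Review bot: In the `add` case of wp-admin/link.php, `wp_redirect(wp_get_referer().'?added=true')` appends a second `?` whenever the referer already carries a query string, and produces a bare `?added=true` when the referer is empty. `add_query_arg('added', 'true', wp_get_referer())`, the helper the users.php hunks of this commit already use, handles both cases. The `delete`, `move` and `add` branches also reach `break;` after the redirect without `exit;`, unlike the empty-`$linkcheck` branches; whether anything runs or is output after the switch is not visible in these hunks.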
@@ -87,9 +87,6 @@ if ($action == 'retrospam') { <p> <textarea name="blacklist_keys" cols="60" rows="4" id="blacklist_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('blacklist_keys'); ?></textarea> </p> -<p><label for="open_proxy_check"> -<input name="open_proxy_check" type="checkbox" id="open_proxy_check" value="1" <?php checked('1', get_settings('open_proxy_check')); ?> /> -<?php _e('Blacklist comments from open and insecure proxies.') ?></label></p> </fieldset> <p class="submit"> <input type="hidden" name="action" value="update" /> diff --git a/wp-admin/page.php b/wp-admin/page.php index 32fb2ae..16e2d9d 100644 --- a/wp-admin/page.php +++ b/wp-admin/page.php @@ -52,7 +52,7 @@ case 'post': if ( isset($_POST['save']) ) $location = "page.php?action=edit&post=$page_ID"; - header("Location: $location"); + wp_redirect($location); exit(); break; @@ -120,7 +120,7 @@ case 'editpost': } else { $location = 'page-new.php'; } - header ('Location: ' . $location); // Send user on their way while we keep working + wp_redirect($location); // Send user on their way while we keep working exit(); break; @@ -146,12 +146,12 @@ case 'delete': if (strstr($sendback, 'page.php')) $sendback = get_settings('siteurl') .'/wp-admin/page.php'; elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php'; $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback); - header ('Location: ' . $sendback); + wp_redirect($sendback); exit(); break; default: - header('Location: edit-pages.php'); + wp_redirect('edit-pages.php'); exit(); break; } // end switch diff --git a/wp-admin/plugin-editor.php b/wp-admin/plugin-editor.php index 56bab5a..4c3c600 100644 --- a/wp-admin/plugin-editor.php +++ b/wp-admin/plugin-editor.php 
@@ -45,9 +45,9 @@ case 'update': $f = fopen($real_file, 'w+'); fwrite($f, $newcontent); fclose($f); - header("Location: plugin-editor.php?file=$file&a=te"); + wp_redirect("plugin-editor.php?file=$file&a=te"); } else { - header("Location: plugin-editor.php?file=$file"); + wp_redirect("plugin-editor.php?file=$file"); } exit(); diff --git a/wp-admin/plugins.php b/wp-admin/plugins.php index e289e59..c5bef8b 100644 --- a/wp-admin/plugins.php +++ b/wp-admin/plugins.php @@ -19,14 +19,14 @@ if ( isset($_GET['action']) ) { include(ABSPATH . 'wp-content/plugins/' . trim( $_GET['plugin'] )); do_action('activate_' . trim( $_GET['plugin'] )); } - header('Location: plugins.php?activate=true'); + wp_redirect('plugins.php?activate=true'); } else if ('deactivate' == $_GET['action']) { check_admin_referer('deactivate-plugin_' . $_GET['plugin']); $current = get_settings('active_plugins'); array_splice($current, array_search( $_GET['plugin'], $current), 1 ); // Array-fu! update_option('active_plugins', $current); do_action('deactivate_' . trim( $_GET['plugin'] )); - header('Location: plugins.php?deactivate=true'); + wp_redirect('plugins.php?deactivate=true'); } exit; } diff --git a/wp-admin/post.php b/wp-admin/post.php index d603913..7f3c2ab 100644 --- a/wp-admin/post.php +++ b/wp-admin/post.php @@ -52,7 +52,7 @@ case 'post': if ( isset($_POST['save']) ) $location = "post.php?action=edit&post=$post_ID"; - header("Location: $location"); + wp_redirect($location); exit(); break; @@ -123,7 +123,7 @@ case 'editpost': $location = 'post-new.php'; } - header ('Location: ' . $location); // Send user on their way while we keep working + wp_redirect($location); // Send user on their way while we keep working exit(); break; 
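Review bot: In the `deactivate` branch of wp-admin/plugins.php, `array_splice($current, array_search( $_GET['plugin'], $current), 1 )` removes the first active plugin when the requested one is not in the list, because `array_search()` returns `false` and that is used as offset 0. Guarding it with `$key = array_search($_GET['plugin'], $current); if ( false !== $key ) array_splice($current, $key, 1);` avoids deactivating an unrelated plugin. In the `activate` branch the `include` path is built from `trim( $_GET['plugin'] )`; any validation of that value would sit above this hunk, which starts mid-branch, and should be confirmed before relying on it.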
@@ -149,12 +149,12 @@ case 'delete': if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post-new.php'; elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php'; $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback); - header ('Location: ' . $sendback); + wp_redirect($sendback); exit(); break; default: - header('Location: edit.php'); + wp_redirect('edit.php'); exit(); break; } // end switch diff --git a/wp-admin/templates.php b/wp-admin/templates.php index c22d56a..ab5f1c1 100644 --- a/wp-admin/templates.php +++ b/wp-admin/templates.php @@ -48,12 +48,12 @@ case 'update': if ( $f ) { fwrite($f, $newcontent); fclose($f); - header("Location: templates.php?file=$file&a=te"); + wp_redirect("templates.php?file=$file&a=te"); } else { - header("Location: templates.php?file=$file&a=err"); + wp_redirect("templates.php?file=$file&a=err"); } } else { - header("Location: templates.php?file=$file&a=err"); + wp_redirect("templates.php?file=$file&a=err"); } exit(); diff --git a/wp-admin/theme-editor.php b/wp-admin/theme-editor.php index 10fb8fc..3213cc4 100644 --- a/wp-admin/theme-editor.php +++ b/wp-admin/theme-editor.php @@ -59,9 +59,9 @@ case 'update': $f = fopen($real_file, 'w+'); fwrite($f, $newcontent); fclose($f); - header("Location: theme-editor.php?file=$file&theme=$theme&a=te"); + wp_redirect("theme-editor.php?file=$file&theme=$theme&a=te"); } else { - header("Location: theme-editor.php?file=$file&theme=$theme"); + wp_redirect("theme-editor.php?file=$file&theme=$theme"); } exit(); diff --git a/wp-admin/themes.php b/wp-admin/themes.php index f57bd1b..bc8ecbe 100644 --- a/wp-admin/themes.php +++ b/wp-admin/themes.php 
@@ -1,35 +1,6 @@ <?php require_once('admin.php'); -if ( isset($_GET['action']) ) { - check_admin_referer('switch-theme_' . $_GET['template']); - - if ('activate' == $_GET['action']) { - if ( isset($_GET['template']) ) - update_option('template', $_GET['template']); - - if ( isset($_GET['stylesheet']) ) - update_option('stylesheet', $_GET['stylesheet']); - - do_action('switch_theme', get_current_theme()); - - header('Location: themes.php?activated=true'); - exit; - } -} - -$title = __('Manage Themes'); -$parent_file = 'themes.php'; -require_once('admin-header.php'); -?> - -<?php if ( ! validate_current_theme() ) : ?> -<div id="message1" class="updated fade"><p><?php _e('The active theme is broken. Reverting to the default theme.'); ?></p></div> -<?php elseif ( isset($_GET['activated']) ) : ?> -<div id="message2" class="updated fade"><p><?php printf(__('New theme activated. <a href="%s">View site »</a>'), get_bloginfo('home') . '/'); ?></p></div> -<?php endif; ?> - -<?php $themes = get_themes(); $ct = current_theme_info(); $allowed_themes = get_site_option( "allowed_themes" ); 
@@ -51,8 +22,47 @@ while( list( $key, $val ) = each( $themes ) ) { } } reset( $themes ); + +if ( isset($_GET['action']) ) { + check_admin_referer('switch-theme_' . $_GET['template']); + + if ('activate' == $_GET['action']) { + $found = false; + while( list( $key, $details ) = each( $themes ) ) { + if( $details[ 'Template' ] == $_GET['template'] && $details[ 'Stylesheet' ] == $_GET['stylesheet'] ) { + $found = true; + break; + } + } + if( $found == true ) { + if ( isset($_GET['template']) ) + update_option('template', $_GET['template']); + + if ( isset($_GET['stylesheet']) ) + update_option('stylesheet', $_GET['stylesheet']); + + do_action('switch_theme', get_current_theme()); + + wp_redirect('themes.php?activated=true'); + } else { + wp_redirect('themes.php'); + } + exit; + } +} + +$title = __('Manage Themes'); +$parent_file = 'themes.php'; +require_once('admin-header.php'); ?> +<?php if ( ! validate_current_theme() ) : ?> +<div id="message1" class="updated fade"><p><?php _e('The active theme is broken. Reverting to the default theme.'); ?></p></div> +<?php elseif ( isset($_GET['activated']) ) : ?> +<div id="message2" class="updated fade"><p><?php printf(__('New theme activated. <a href="%s">View site »</a>'), get_bloginfo('home') . '/'); ?></p></div> +<?php endif; ?> + + <div class="wrap"> <h2><?php _e('Current Theme'); ?></h2> <div id="currenttheme"> diff --git a/wp-admin/user-edit.php b/wp-admin/user-edit.php index 6b0f052..26376b7 100644 --- a/wp-admin/user-edit.php +++ b/wp-admin/user-edit.php 
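Review bot: The new allow-list loop in wp-admin/themes.php reads `$_GET['template']` and `$_GET['stylesheet']` before the `isset()` tests and compares them with `==`, so a request that omits `stylesheet` could match a theme whose `Stylesheet` entry is empty and then update only `template`. Checking `isset($_GET['template'], $_GET['stylesheet'])` before the loop and comparing with `===` makes the later `isset()` tests unnecessary and keeps the pair consistent. `check_admin_referer('switch-theme_' . $_GET['template'])` has the same unguarded read. A short comment saying that `$themes` has presumably already been reduced to the `allowed_themes` set at this point would document why membership in it is sufficient; the filtering loop itself is above the hunk.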
@@ -25,11 +25,9 @@ for ($i=0; $i<count($wpvarstoreset); $i += 1) { } $wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer)); -$errors = array(); - // Only allow site admins to edit every user. -if( is_site_admin() == false ) - if( $user_id != $current_user->ID ) $errors = new WP_Error('head', __('You do not have permission to edit this user.')); +if ( !is_site_admin() && ($user_id != $current_user->ID) ) + $errors = new WP_Error('head', __('You do not have permission to edit this user.')); switch ($action) { case 'switchposts': @@ -46,13 +44,14 @@ check_admin_referer('update-user_' . $user_id); if ( !current_user_can('edit_user', $user_id) ) $errors = new WP_Error('head', __('You do not have permission to edit this user.')); -else - if( isset( $errors ) == false ) $errors = edit_user($user_id); + +if ( !isset($errors) ) + $errors = edit_user($user_id); if( !is_wp_error( $errors ) ) { $redirect = "user-edit.php?user_id=$user_id&updated=true"; $redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect); - header("Location: $redirect"); + wp_redirect($redirect); exit; } diff --git a/wp-admin/users.php b/wp-admin/users.php index 2ed85bf..3c75395 100644 --- a/wp-admin/users.php +++ b/wp-admin/users.php @@ -124,7 +124,7 @@ case 'promote': check_admin_referer('bulk-users'); if (empty($_POST['users'])) { - header('Location: ' . $redirect); + wp_redirect($redirect); } if ( !current_user_can('edit_users') ) @@ -145,7 +145,7 @@ case 'promote': $user->set_role($_POST['new_role']); } - header('Location: ' . add_query_arg('update', $update, $redirect)); + wp_redirect(add_query_arg('update', $update, $redirect)); break; @@ -154,7 +154,7 @@ case 'dodelete': check_admin_referer('delete-users'); if ( empty($_POST['users']) ) { - header('Location: ' . $redirect); + wp_redirect($redirect); } if ( !current_user_can('delete_users') ) 
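Review bot: In wp-admin/users.php the `promote` and `dodelete` cases call `wp_redirect($redirect)` when `$_POST['users']` is empty but do not stop, so execution continues into the capability check and the code below it. The `delete` hunk further down has the same shape. Ending each of these early returns with `wp_redirect($redirect); exit;`, as the `adduser` branch does with `die();`, makes the redirect final. The case bodies continue outside the hunks.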
@@ -185,7 +185,7 @@ case 'dodelete': $redirect = add_query_arg('delete_count', $delete_count, $redirect); - header('Location: ' . add_query_arg('update', $update, $redirect)); + wp_redirect(add_query_arg('update', $update, $redirect)); break; @@ -194,7 +194,7 @@ case 'delete': check_admin_referer('bulk-users'); if ( empty($_POST['users']) ) - header('Location: ' . $redirect); + wp_redirect($redirect); if ( !current_user_can('delete_users') ) $errors = new WP_Error('edit_users', __('You can’t delete users.')); @@ -332,7 +332,7 @@ case 'adduser': else { $new_user_login = apply_filters('pre_user_login', sanitize_user(stripslashes($_POST['user_login']), true)); $redirect = add_query_arg('usersearch', $new_user_login, $redirect); - header('Location: ' . add_query_arg('update', $update, $redirect) . '#user-' . $user_id); + wp_redirect(add_query_arg('update', $update, $redirect) . '#user-' . $user_id); die(); } |