2006-03-28 20:51:55 -05:00
< ? php
2008-08-11 16:26:31 -04:00
/**
* WordPress AJAX Process Execution .
*
* @ package WordPress
* @ subpackage Administration
*/
/**
* Executing AJAX process .
*
2010-09-04 22:45:39 -04:00
* @ since 2.1 . 0
2008-08-11 16:26:31 -04:00
*/
2008-01-04 18:34:33 -05:00
define ( 'DOING_AJAX' , true );
2008-09-10 18:47:03 -04:00
define ( 'WP_ADMIN' , true );
2008-01-04 18:34:33 -05:00
2010-02-17 07:26:47 -05:00
if ( ! isset ( $_REQUEST [ 'action' ] ) )
die ( '-1' );
2010-09-10 13:02:55 -04:00
require_once ( '../wp-load.php' );
2010-04-18 02:14:45 -04:00
require_once ( './includes/admin.php' );
2009-01-18 00:40:40 -05:00
@ header ( 'Content-Type: text/html; charset=' . get_option ( 'blog_charset' ));
2010-02-25 16:41:33 -05:00
send_nosniff_header ();
2006-03-28 20:51:55 -05:00
2009-02-22 01:58:26 -05:00
do_action ( 'admin_init' );
2008-10-16 17:59:06 -04:00
if ( ! is_user_logged_in () ) {
2010-02-17 07:26:47 -05:00
if ( isset ( $_POST [ 'action' ] ) && $_POST [ 'action' ] == 'autosave' ) {
2008-10-16 17:59:06 -04:00
$id = isset ( $_POST [ 'post_ID' ]) ? ( int ) $_POST [ 'post_ID' ] : 0 ;
if ( ! $id )
die ( '-1' );
2010-01-21 16:37:43 -05:00
$message = sprintf ( __ ( '<strong>ALERT: You are logged out!</strong> Could not save draft. <a href="%s" target="_blank">Please log in again.</a>' ), wp_login_url () );
2010-02-17 07:26:47 -05:00
$x = new WP_Ajax_Response ( array (
'what' => 'autosave' ,
'id' => $id ,
'data' => $message
) );
$x -> send ();
2008-10-16 17:59:06 -04:00
}
2010-02-17 07:26:47 -05:00
if ( ! empty ( $_REQUEST [ 'action' ] ) )
2009-07-06 12:55:07 -04:00
do_action ( 'wp_ajax_nopriv_' . $_REQUEST [ 'action' ] );
2009-03-05 16:43:35 -05:00
2006-03-28 20:51:55 -05:00
die ( '-1' );
2008-10-16 17:59:06 -04:00
}
2006-03-28 20:51:55 -05:00
2008-10-22 13:15:19 -04:00
if ( isset ( $_GET [ 'action' ] ) ) :
switch ( $action = $_GET [ 'action' ] ) :
2010-08-11 17:54:51 -04:00
case 'fetch-list' :
2011-01-11 15:03:50 -05:00
$list_class = $_GET [ 'list_args' ][ 'class' ];
check_ajax_referer ( " fetch-list- $list_class " , '_ajax_fetch_list_nonce' );
2010-10-31 09:52:35 -04:00
$current_screen = ( object ) $_GET [ 'list_args' ][ 'screen' ];
2010-11-08 03:16:28 -05:00
//TODO fix this in a better way see #15336
2010-11-08 05:21:34 -05:00
$current_screen -> is_network = 'false' === $current_screen -> is_network ? false : true ;
$current_screen -> is_user = 'false' === $current_screen -> is_user ? false : true ;
2010-12-20 08:30:39 -05:00
define ( 'WP_NETWORK_ADMIN' , $current_screen -> is_network );
define ( 'WP_USER_ADMIN' , $current_screen -> is_user );
2011-01-18 06:06:22 -05:00
$wp_list_table = _get_list_table ( $list_class );
2010-10-24 22:58:25 -04:00
if ( ! $wp_list_table )
die ( '0' );
2010-08-11 17:54:51 -04:00
2010-12-16 04:18:28 -05:00
if ( ! $wp_list_table -> ajax_user_can () )
die ( '-1' );
2010-10-24 22:58:25 -04:00
$wp_list_table -> ajax_response ();
2010-08-11 17:54:51 -04:00
2010-10-24 22:58:25 -04:00
die ( '0' );
2010-08-11 17:54:51 -04:00
break ;
2008-10-22 13:15:19 -04:00
case 'ajax-tag-search' :
2010-12-07 13:59:25 -05:00
if ( isset ( $_GET [ 'tax' ] ) ) {
$taxonomy = sanitize_key ( $_GET [ 'tax' ] );
$tax = get_taxonomy ( $taxonomy );
if ( ! $tax )
die ( '0' );
if ( ! current_user_can ( $tax -> cap -> assign_terms ) )
die ( '-1' );
} else {
die ( '0' );
}
2008-01-02 20:34:11 -05:00
2011-01-11 15:15:25 -05:00
$s = stripslashes ( $_GET [ 'q' ] );
2009-02-01 04:45:24 -05:00
2008-08-27 16:47:01 -04:00
if ( false !== strpos ( $s , ',' ) ) {
2008-08-09 01:36:14 -04:00
$s = explode ( ',' , $s );
$s = $s [ count ( $s ) - 1 ];
2008-06-29 20:04:22 -04:00
}
$s = trim ( $s );
if ( strlen ( $s ) < 2 )
2008-11-12 00:02:58 -05:00
die ; // require 2 chars for matching
2008-12-18 14:12:26 -05:00
2011-01-11 15:15:25 -05:00
$results = $wpdb -> get_col ( $wpdb -> prepare ( " SELECT t.name FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = %s AND t.name LIKE (%s) " , $taxonomy , '%' . like_escape ( $s ) . '%' ) );
2008-12-18 14:12:26 -05:00
2008-01-02 20:34:11 -05:00
echo join ( $results , " \n " );
die ;
2008-10-22 13:15:19 -04:00
break ;
2009-01-14 09:18:51 -05:00
case 'wp-compression-test' :
if ( ! current_user_can ( 'manage_options' ) )
die ( '-1' );
2009-02-01 04:45:24 -05:00
if ( ini_get ( 'zlib.output_compression' ) || 'ob_gzhandler' == ini_get ( 'output_handler' ) ) {
2009-02-18 18:38:11 -05:00
update_site_option ( 'can_compress_scripts' , 0 );
2009-02-01 04:45:24 -05:00
die ( '0' );
}
if ( isset ( $_GET [ 'test' ]) ) {
header ( 'Expires: Wed, 11 Jan 1984 05:00:00 GMT' );
header ( 'Last-Modified: ' . gmdate ( 'D, d M Y H:i:s' ) . ' GMT' );
header ( 'Cache-Control: no-cache, must-revalidate, max-age=0' );
header ( 'Pragma: no-cache' );
header ( 'Content-Type: application/x-javascript; charset=UTF-8' );
$force_gzip = ( defined ( 'ENFORCE_GZIP' ) && ENFORCE_GZIP );
$test_str = '"wpCompressionTest Lorem ipsum dolor sit amet consectetuer mollis sapien urna ut a. Eu nonummy condimentum fringilla tempor pretium platea vel nibh netus Maecenas. Hac molestie amet justo quis pellentesque est ultrices interdum nibh Morbi. Cras mattis pretium Phasellus ante ipsum ipsum ut sociis Suspendisse Lorem. Ante et non molestie. Porta urna Vestibulum egestas id congue nibh eu risus gravida sit. Ac augue auctor Ut et non a elit massa id sodales. Elit eu Nulla at nibh adipiscing mattis lacus mauris at tempus. Netus nibh quis suscipit nec feugiat eget sed lorem et urna. Pellentesque lacus at ut massa consectetuer ligula ut auctor semper Pellentesque. Ut metus massa nibh quam Curabitur molestie nec mauris congue. Volutpat molestie elit justo facilisis neque ac risus Ut nascetur tristique. Vitae sit lorem tellus et quis Phasellus lacus tincidunt nunc Fusce. Pharetra wisi Suspendisse mus sagittis libero lacinia Integer consequat ac Phasellus. Et urna ac cursus tortor aliquam Aliquam amet tellus volutpat Vestibulum. Justo interdum condimentum In augue congue tellus sollicitudin Quisque quis nibh."' ;
if ( 1 == $_GET [ 'test' ] ) {
echo $test_str ;
die ;
} elseif ( 2 == $_GET [ 'test' ] ) {
2009-11-19 04:46:07 -05:00
if ( ! isset ( $_SERVER [ 'HTTP_ACCEPT_ENCODING' ]) )
die ( '-1' );
2010-02-13 21:27:19 -05:00
if ( false !== stripos ( $_SERVER [ 'HTTP_ACCEPT_ENCODING' ], 'deflate' ) && function_exists ( 'gzdeflate' ) && ! $force_gzip ) {
2009-02-01 04:45:24 -05:00
header ( 'Content-Encoding: deflate' );
$out = gzdeflate ( $test_str , 1 );
2010-02-13 21:27:19 -05:00
} elseif ( false !== stripos ( $_SERVER [ 'HTTP_ACCEPT_ENCODING' ], 'gzip' ) && function_exists ( 'gzencode' ) ) {
2009-02-01 04:45:24 -05:00
header ( 'Content-Encoding: gzip' );
$out = gzencode ( $test_str , 1 );
} else {
die ( '-1' );
}
echo $out ;
die ;
} elseif ( 'no' == $_GET [ 'test' ] ) {
2009-02-18 18:38:11 -05:00
update_site_option ( 'can_compress_scripts' , 0 );
2009-02-01 04:45:24 -05:00
} elseif ( 'yes' == $_GET [ 'test' ] ) {
2009-02-18 18:38:11 -05:00
update_site_option ( 'can_compress_scripts' , 1 );
2009-02-01 04:45:24 -05:00
}
2009-01-14 09:18:51 -05:00
}
2009-02-01 04:45:24 -05:00
2009-01-14 09:18:51 -05:00
die ( '0' );
break ;
2009-09-23 21:54:07 -04:00
case 'imgedit-preview' :
2009-09-10 18:07:33 -04:00
$post_id = intval ( $_GET [ 'postid' ]);
if ( empty ( $post_id ) || ! current_user_can ( 'edit_post' , $post_id ) )
die ( '-1' );
check_ajax_referer ( " image_editor- $post_id " );
include_once ( ABSPATH . 'wp-admin/includes/image-edit.php' );
2010-04-26 21:05:58 -04:00
if ( ! stream_preview_image ( $post_id ) )
2009-09-10 18:07:33 -04:00
die ( '-1' );
die ();
break ;
2010-04-26 21:05:58 -04:00
case 'menu-quick-search' :
2010-05-12 15:19:57 -04:00
if ( ! current_user_can ( 'edit_theme_options' ) )
2010-04-26 21:05:58 -04:00
die ( '-1' );
2010-05-03 16:26:11 -04:00
2010-04-26 21:05:58 -04:00
require_once ABSPATH . 'wp-admin/includes/nav-menu.php' ;
_wp_ajax_menu_quick_search ( $_REQUEST );
exit ;
break ;
2009-10-13 13:04:22 -04:00
case 'oembed-cache' :
$return = ( $wp_embed -> cache_oembed ( $_GET [ 'post' ] ) ) ? '1' : '0' ;
die ( $return );
break ;
2008-10-22 13:15:19 -04:00
default :
do_action ( 'wp_ajax_' . $_GET [ 'action' ] );
die ( '0' );
break ;
endswitch ;
endif ;
2008-01-02 20:34:11 -05:00
2008-12-14 07:13:30 -05:00
/**
* Sends back current comment total and new page links if they need to be updated .
*
* Contrary to normal success AJAX response ( " 1 " ), die with time () on success .
*
* @ since 2.7
*
* @ param int $comment_id
* @ return die
*/
2011-01-22 13:47:42 -05:00
function _wp_ajax_delete_comment_response ( $comment_id , $delta = - 1 ) {
2008-12-14 07:13:30 -05:00
$total = ( int ) @ $_POST [ '_total' ];
$per_page = ( int ) @ $_POST [ '_per_page' ];
$page = ( int ) @ $_POST [ '_page' ];
2009-05-18 12:00:33 -04:00
$url = esc_url_raw ( @ $_POST [ '_url' ] );
2009-04-27 14:36:27 -04:00
// JS didn't send us everything we need to know. Just die with success message
2008-12-14 07:13:30 -05:00
if ( ! $total || ! $per_page || ! $page || ! $url )
die ( ( string ) time () );
2011-01-22 13:47:42 -05:00
$total += $delta ;
if ( $total < 0 )
2008-12-14 07:13:30 -05:00
$total = 0 ;
2011-01-22 13:47:42 -05:00
// Only do the expensive stuff on a page-break, and about 1 other time per page
if ( 0 == $total % $per_page || 1 == mt_rand ( 1 , $per_page ) ) {
$post_id = 0 ;
$status = 'total_comments' ; // What type of comment count are we looking for?
$parsed = parse_url ( $url );
if ( isset ( $parsed [ 'query' ] ) ) {
parse_str ( $parsed [ 'query' ], $query_vars );
if ( ! empty ( $query_vars [ 'comment_status' ] ) )
$status = $query_vars [ 'comment_status' ];
if ( ! empty ( $query_vars [ 'p' ] ) )
$post_id = ( int ) $query_vars [ 'p' ];
}
2008-12-14 07:13:30 -05:00
2011-01-22 13:47:42 -05:00
$comment_count = wp_count_comments ( $post_id );
if ( isset ( $comment_count -> $status ) ) // We're looking for a known type of comment count
$total = $comment_count -> $status ;
// else use the decremented value from above
2008-12-14 07:13:30 -05:00
}
$time = time (); // The time since the last comment count
$x = new WP_Ajax_Response ( array (
'what' => 'comment' ,
'id' => $comment_id , // here for completeness - not used
'supplemental' => array (
2011-01-22 13:47:42 -05:00
'total_items_i18n' => sprintf ( _n ( '1 item' , '%s items' , $total ), number_format_i18n ( $total ) ),
'total_pages' => ceil ( $total / $per_page ),
'total_pages_i18n' => number_format_i18n ( ceil ( $total / $per_page ) ),
2008-12-14 07:13:30 -05:00
'total' => $total ,
'time' => $time
)
) );
$x -> send ();
}
2010-01-22 14:30:05 -05:00
function _wp_ajax_add_hierarchical_term () {
$action = $_POST [ 'action' ];
$taxonomy = get_taxonomy ( substr ( $action , 4 ));
2010-05-26 00:55:21 -04:00
check_ajax_referer ( $action , '_ajax_nonce-add-' . $taxonomy -> name );
2010-05-13 00:10:17 -04:00
if ( ! current_user_can ( $taxonomy -> cap -> edit_terms ) )
2010-01-22 14:30:05 -05:00
die ( '-1' );
$names = explode ( ',' , $_POST [ 'new' . $taxonomy -> name ]);
$parent = isset ( $_POST [ 'new' . $taxonomy -> name . '_parent' ]) ? ( int ) $_POST [ 'new' . $taxonomy -> name . '_parent' ] : 0 ;
if ( 0 > $parent )
$parent = 0 ;
if ( $taxonomy -> name == 'category' )
$post_category = isset ( $_POST [ 'post_category' ]) ? ( array ) $_POST [ 'post_category' ] : array ();
else
$post_category = ( isset ( $_POST [ 'tax_input' ]) && isset ( $_POST [ 'tax_input' ][ $taxonomy -> name ]) ) ? ( array ) $_POST [ 'tax_input' ][ $taxonomy -> name ] : array ();
$checked_categories = array_map ( 'absint' , ( array ) $post_category );
$popular_ids = wp_popular_terms_checklist ( $taxonomy -> name , 0 , 10 , false );
foreach ( $names as $cat_name ) {
$cat_name = trim ( $cat_name );
$category_nicename = sanitize_title ( $cat_name );
if ( '' === $category_nicename )
continue ;
2010-06-11 11:53:41 -04:00
if ( ! ( $cat_id = term_exists ( $cat_name , $taxonomy -> name , $parent )) ) {
2010-01-22 14:30:05 -05:00
$new_term = wp_insert_term ( $cat_name , $taxonomy -> name , array ( 'parent' => $parent ));
$cat_id = $new_term [ 'term_id' ];
}
$checked_categories [] = $cat_id ;
if ( $parent ) // Do these all at once in a second
continue ;
$category = get_term ( $cat_id , $taxonomy -> name );
ob_start ();
wp_terms_checklist ( 0 , array ( 'taxonomy' => $taxonomy -> name , 'descendants_and_self' => $cat_id , 'selected_cats' => $checked_categories , 'popular_cats' => $popular_ids ));
$data = ob_get_contents ();
ob_end_clean ();
$add = array (
'what' => $taxonomy -> name ,
'id' => $cat_id ,
'data' => str_replace ( array ( " \n " , " \t " ), '' , $data ),
'position' => - 1
);
}
if ( $parent ) { // Foncy - replace the parent and all its children
$parent = get_term ( $parent , $taxonomy -> name );
$term_id = $parent -> term_id ;
while ( $parent -> parent ) { // get the top parent
$parent = & get_term ( $parent -> parent , $taxonomy -> name );
if ( is_wp_error ( $parent ) )
break ;
$term_id = $parent -> term_id ;
}
ob_start ();
wp_terms_checklist ( 0 , array ( 'taxonomy' => $taxonomy -> name , 'descendants_and_self' => $term_id , 'selected_cats' => $checked_categories , 'popular_cats' => $popular_ids ));
$data = ob_get_contents ();
ob_end_clean ();
$add = array (
'what' => $taxonomy -> name ,
'id' => $term_id ,
'data' => str_replace ( array ( " \n " , " \t " ), '' , $data ),
'position' => - 1
);
}
ob_start ();
2010-05-13 20:34:04 -04:00
wp_dropdown_categories ( array (
'taxonomy' => $taxonomy -> name , 'hide_empty' => 0 , 'name' => 'new' . $taxonomy -> name . '_parent' , 'orderby' => 'name' ,
'hierarchical' => 1 , 'show_option_none' => '— ' . $taxonomy -> labels -> parent_item . ' —'
) );
2010-01-22 14:30:05 -05:00
$sup = ob_get_contents ();
ob_end_clean ();
$add [ 'supplemental' ] = array ( 'newcat_parent' => $sup );
$x = new WP_Ajax_Response ( $add );
$x -> send ();
}
2008-02-22 12:43:56 -05:00
$id = isset ( $_POST [ 'id' ]) ? ( int ) $_POST [ 'id' ] : 0 ;
2007-10-09 18:49:42 -04:00
switch ( $action = $_POST [ 'action' ] ) :
2008-12-14 07:13:30 -05:00
case 'delete-comment' : // On success, die with time() instead of 1
2006-03-28 20:51:55 -05:00
if ( ! $comment = get_comment ( $id ) )
2008-12-14 07:13:30 -05:00
die ( ( string ) time () );
2011-07-11 17:48:43 -04:00
if ( ! current_user_can ( 'edit_comment' , $comment -> comment_ID ) )
2006-03-28 20:51:55 -05:00
die ( '-1' );
2009-10-08 04:24:59 -04:00
check_ajax_referer ( " delete-comment_ $id " );
$status = wp_get_comment_status ( $comment -> comment_ID );
2011-01-22 13:47:42 -05:00
$delta = - 1 ;
2009-07-30 09:39:34 -04:00
if ( isset ( $_POST [ 'trash' ]) && 1 == $_POST [ 'trash' ] ) {
2009-10-08 04:24:59 -04:00
if ( 'trash' == $status )
2009-07-30 09:39:34 -04:00
die ( ( string ) time () );
$r = wp_trash_comment ( $comment -> comment_ID );
} elseif ( isset ( $_POST [ 'untrash' ]) && 1 == $_POST [ 'untrash' ] ) {
2009-10-08 04:24:59 -04:00
if ( 'trash' != $status )
die ( ( string ) time () );
2009-07-30 09:39:34 -04:00
$r = wp_untrash_comment ( $comment -> comment_ID );
2011-01-22 13:47:42 -05:00
if ( ! isset ( $_POST [ 'comment_status' ] ) || $_POST [ 'comment_status' ] != 'trash' ) // undo trash, not in trash
$delta = 1 ;
2009-07-30 09:39:34 -04:00
} elseif ( isset ( $_POST [ 'spam' ]) && 1 == $_POST [ 'spam' ] ) {
2009-10-08 04:24:59 -04:00
if ( 'spam' == $status )
2008-12-14 07:13:30 -05:00
die ( ( string ) time () );
2009-11-27 05:34:09 -05:00
$r = wp_spam_comment ( $comment -> comment_ID );
} elseif ( isset ( $_POST [ 'unspam' ]) && 1 == $_POST [ 'unspam' ] ) {
if ( 'spam' != $status )
die ( ( string ) time () );
$r = wp_unspam_comment ( $comment -> comment_ID );
2011-01-22 13:47:42 -05:00
if ( ! isset ( $_POST [ 'comment_status' ] ) || $_POST [ 'comment_status' ] != 'spam' ) // undo spam, not in spam
$delta = 1 ;
2009-10-08 04:24:59 -04:00
} elseif ( isset ( $_POST [ 'delete' ]) && 1 == $_POST [ 'delete' ] ) {
2009-07-30 09:39:34 -04:00
$r = wp_delete_comment ( $comment -> comment_ID );
2009-10-08 04:24:59 -04:00
} else {
die ( '-1' );
2008-07-08 22:00:21 -04:00
}
2009-10-08 04:24:59 -04:00
2008-12-14 07:13:30 -05:00
if ( $r ) // Decide if we need to send back '1' or a more complicated response including page links and comment counts
2011-01-22 13:47:42 -05:00
_wp_ajax_delete_comment_response ( $comment -> comment_ID , $delta );
2008-12-14 07:13:30 -05:00
die ( '0' );
2006-03-28 20:51:55 -05:00
break ;
2008-01-25 14:29:01 -05:00
case 'delete-tag' :
2009-07-01 04:12:39 -04:00
$tag_id = ( int ) $_POST [ 'tag_ID' ];
check_ajax_referer ( " delete-tag_ $tag_id " );
2008-01-25 14:29:01 -05:00
2009-07-01 04:12:39 -04:00
$taxonomy = ! empty ( $_POST [ 'taxonomy' ]) ? $_POST [ 'taxonomy' ] : 'post_tag' ;
2010-01-26 06:32:04 -05:00
$tax = get_taxonomy ( $taxonomy );
2010-05-13 00:10:17 -04:00
if ( ! current_user_can ( $tax -> cap -> delete_terms ) )
2010-01-26 06:32:04 -05:00
die ( '-1' );
2009-02-11 19:00:01 -05:00
2009-07-01 04:12:39 -04:00
$tag = get_term ( $tag_id , $taxonomy );
2008-07-08 22:00:21 -04:00
if ( ! $tag || is_wp_error ( $tag ) )
die ( '1' );
2009-07-01 04:12:39 -04:00
if ( wp_delete_term ( $tag_id , $taxonomy ))
2008-01-25 14:29:01 -05:00
die ( '1' );
2008-07-08 22:00:21 -04:00
else
die ( '0' );
2008-01-25 14:29:01 -05:00
break ;
2006-03-28 20:51:55 -05:00
case 'delete-link' :
2007-10-09 18:49:42 -04:00
check_ajax_referer ( " delete-bookmark_ $id " );
2006-03-28 20:51:55 -05:00
if ( ! current_user_can ( 'manage_links' ) )
die ( '-1' );
2008-07-08 22:00:21 -04:00
$link = get_bookmark ( $id );
if ( ! $link || is_wp_error ( $link ) )
die ( '1' );
2006-03-28 20:51:55 -05:00
if ( wp_delete_link ( $id ) )
die ( '1' );
2008-07-08 22:00:21 -04:00
else
die ( '0' );
2006-03-28 20:51:55 -05:00
break ;
case 'delete-meta' :
2008-03-22 04:15:48 -04:00
check_ajax_referer ( " delete-meta_ $id " );
2011-07-20 18:04:35 -04:00
if ( ! $meta = get_metadata_by_mid ( 'post' , $id ) )
2008-07-08 22:00:21 -04:00
die ( '1' );
2011-07-20 18:04:35 -04:00
if ( is_protected_meta ( $meta -> meta_key , 'post' ) || ! current_user_can ( 'delete_post_meta' , $meta -> post_id , $meta -> meta_key ) )
2006-03-28 20:51:55 -05:00
die ( '-1' );
if ( delete_meta ( $meta -> meta_id ) )
die ( '1' );
die ( '0' );
break ;
case 'delete-post' :
2007-10-09 18:49:42 -04:00
check_ajax_referer ( " { $action } _ $id " );
2006-03-28 20:51:55 -05:00
if ( ! current_user_can ( 'delete_post' , $id ) )
die ( '-1' );
2008-07-08 22:00:21 -04:00
if ( ! get_post ( $id ) )
die ( '1' );
2006-03-28 20:51:55 -05:00
if ( wp_delete_post ( $id ) )
die ( '1' );
2007-10-09 18:49:42 -04:00
else
die ( '0' );
2006-03-28 20:51:55 -05:00
break ;
2009-08-19 04:35:24 -04:00
case 'trash-post' :
2009-10-30 03:09:55 -04:00
case 'untrash-post' :
2009-08-19 04:35:24 -04:00
check_ajax_referer ( " { $action } _ $id " );
if ( ! current_user_can ( 'delete_post' , $id ) )
die ( '-1' );
if ( ! get_post ( $id ) )
die ( '1' );
2009-10-30 03:09:55 -04:00
if ( 'trash-post' == $action )
$done = wp_trash_post ( $id );
2009-08-19 04:35:24 -04:00
else
2009-10-30 03:09:55 -04:00
$done = wp_untrash_post ( $id );
if ( $done )
die ( '1' );
die ( '0' );
2009-08-19 04:35:24 -04:00
break ;
2006-03-28 20:51:55 -05:00
case 'delete-page' :
2007-10-09 18:49:42 -04:00
check_ajax_referer ( " { $action } _ $id " );
2006-03-28 20:51:55 -05:00
if ( ! current_user_can ( 'delete_page' , $id ) )
die ( '-1' );
2008-07-08 22:00:21 -04:00
if ( ! get_page ( $id ) )
die ( '1' );
2006-03-28 20:51:55 -05:00
if ( wp_delete_post ( $id ) )
die ( '1' );
2008-07-08 22:00:21 -04:00
else
die ( '0' );
2006-03-28 20:51:55 -05:00
break ;
2008-12-14 07:13:30 -05:00
case 'dim-comment' : // On success, die with time() instead of 1
2009-03-02 16:48:37 -05:00
if ( ! $comment = get_comment ( $id ) ) {
$x = new WP_Ajax_Response ( array (
'what' => 'comment' ,
'id' => new WP_Error ( 'invalid_comment' , sprintf ( __ ( 'Comment %d does not exist' ), $id ))
) );
$x -> send ();
}
2008-07-08 22:00:21 -04:00
2011-07-11 17:48:43 -04:00
if ( ! current_user_can ( 'edit_comment' , $comment -> comment_ID ) && ! current_user_can ( 'moderate_comments' ) )
2006-03-28 20:51:55 -05:00
die ( '-1' );
2008-07-08 22:00:21 -04:00
$current = wp_get_comment_status ( $comment -> comment_ID );
if ( $_POST [ 'new' ] == $current )
2008-12-14 07:13:30 -05:00
die ( ( string ) time () );
2008-07-08 22:00:21 -04:00
2009-10-08 04:24:59 -04:00
check_ajax_referer ( " approve-comment_ $id " );
if ( in_array ( $current , array ( 'unapproved' , 'spam' ) ) )
2009-03-02 16:48:37 -05:00
$result = wp_set_comment_status ( $comment -> comment_ID , 'approve' , true );
2009-10-08 04:24:59 -04:00
else
2009-03-02 16:48:37 -05:00
$result = wp_set_comment_status ( $comment -> comment_ID , 'hold' , true );
2009-10-08 04:24:59 -04:00
2009-03-02 16:48:37 -05:00
if ( is_wp_error ( $result ) ) {
$x = new WP_Ajax_Response ( array (
'what' => 'comment' ,
'id' => $result
) );
$x -> send ();
}
// Decide if we need to send back '1' or a more complicated response including page links and comment counts
_wp_ajax_delete_comment_response ( $comment -> comment_ID );
2008-12-14 07:13:30 -05:00
die ( '0' );
2006-03-28 20:51:55 -05:00
break ;
2007-06-01 22:53:09 -04:00
case 'add-link-category' : // On the Fly
2007-10-09 18:49:42 -04:00
check_ajax_referer ( $action );
2007-06-01 22:53:09 -04:00
if ( ! current_user_can ( 'manage_categories' ) )
die ( '-1' );
$names = explode ( ',' , $_POST [ 'newcat' ]);
$x = new WP_Ajax_Response ();
foreach ( $names as $cat_name ) {
$cat_name = trim ( $cat_name );
2007-11-01 02:23:16 -04:00
$slug = sanitize_title ( $cat_name );
if ( '' === $slug )
continue ;
2010-06-11 11:53:41 -04:00
if ( ! $cat_id = term_exists ( $cat_name , 'link_category' ) ) {
2007-06-01 22:53:09 -04:00
$cat_id = wp_insert_term ( $cat_name , 'link_category' );
}
2007-10-09 18:49:42 -04:00
$cat_id = $cat_id [ 'term_id' ];
2009-05-18 11:11:07 -04:00
$cat_name = esc_html ( stripslashes ( $cat_name ));
2007-06-01 22:53:09 -04:00
$x -> add ( array (
'what' => 'link-category' ,
'id' => $cat_id ,
2009-05-05 15:43:53 -04:00
'data' => " <li id='link-category- $cat_id '><label for='in-link-category- $cat_id ' class='selectit'><input value=' " . esc_attr ( $cat_id ) . " ' type='checkbox' checked='checked' name='link_category[]' id='in-link-category- $cat_id '/> $cat_name </label></li> " ,
2007-10-09 18:49:42 -04:00
'position' => - 1
2007-06-01 22:53:09 -04:00
) );
}
$x -> send ();
break ;
2010-08-11 17:54:51 -04:00
case 'add-tag' :
2011-05-23 19:33:30 -04:00
check_ajax_referer ( 'add-tag' , '_wpnonce_add-tag' );
2010-06-26 21:05:53 -04:00
$post_type = ! empty ( $_POST [ 'post_type' ]) ? $_POST [ 'post_type' ] : 'post' ;
2009-07-01 04:12:39 -04:00
$taxonomy = ! empty ( $_POST [ 'taxonomy' ]) ? $_POST [ 'taxonomy' ] : 'post_tag' ;
2010-01-26 06:32:04 -05:00
$tax = get_taxonomy ( $taxonomy );
2010-05-13 00:10:17 -04:00
if ( ! current_user_can ( $tax -> cap -> edit_terms ) )
2010-01-26 06:32:04 -05:00
die ( '-1' );
2010-08-11 17:54:51 -04:00
$x = new WP_Ajax_Response ();
2009-07-01 04:12:39 -04:00
$tag = wp_insert_term ( $_POST [ 'tag-name' ], $taxonomy , $_POST );
2008-01-25 14:29:01 -05:00
2009-07-01 04:12:39 -04:00
if ( ! $tag || is_wp_error ( $tag ) || ( ! $tag = get_term ( $tag [ 'term_id' ], $taxonomy )) ) {
2010-12-02 18:30:21 -05:00
$message = __ ( 'An error has occurred. Please reload the page and try again.' );
2010-02-13 00:40:47 -05:00
if ( is_wp_error ( $tag ) && $tag -> get_error_message () )
$message = $tag -> get_error_message ();
$x -> add ( array (
'what' => 'taxonomy' ,
'data' => new WP_Error ( 'error' , $message )
) );
$x -> send ();
2008-01-25 14:29:01 -05:00
}
2010-11-14 13:19:45 -05:00
set_current_screen ( $_POST [ 'screen' ] );
2010-06-09 12:52:25 -04:00
2011-01-18 06:06:22 -05:00
$wp_list_table = _get_list_table ( 'WP_Terms_List_Table' );
2010-08-11 17:54:51 -04:00
2010-01-24 06:00:27 -05:00
$level = 0 ;
if ( is_taxonomy_hierarchical ( $taxonomy ) ) {
2010-09-18 15:30:53 -04:00
$level = count ( get_ancestors ( $tag -> term_id , $taxonomy ) );
ob_start ();
$wp_list_table -> single_row ( $tag , $level );
$noparents = ob_get_clean ();
2010-04-25 03:35:16 -04:00
}
2010-09-18 15:30:53 -04:00
ob_start ();
$wp_list_table -> single_row ( $tag );
$parents = ob_get_clean ();
2010-02-13 00:40:47 -05:00
$x -> add ( array (
'what' => 'taxonomy' ,
'supplemental' => compact ( 'parents' , 'noparents' )
) );
$x -> add ( array (
'what' => 'term' ,
'position' => $level ,
2010-12-12 05:29:19 -05:00
'supplemental' => ( array ) $tag
2010-02-13 00:40:47 -05:00
) );
$x -> send ();
2008-01-25 14:29:01 -05:00
break ;
2008-11-04 18:15:59 -05:00
case 'get-tagcloud' :
2010-12-07 13:59:25 -05:00
if ( isset ( $_POST [ 'tax' ] ) ) {
$taxonomy = sanitize_key ( $_POST [ 'tax' ] );
$tax = get_taxonomy ( $taxonomy );
if ( ! $tax )
die ( '0' );
if ( ! current_user_can ( $tax -> cap -> assign_terms ) )
die ( '-1' );
} else {
2008-12-18 14:12:26 -05:00
die ( '0' );
2010-12-07 13:59:25 -05:00
}
2009-02-01 04:45:24 -05:00
2008-12-18 14:12:26 -05:00
$tags = get_terms ( $taxonomy , array ( 'number' => 45 , 'orderby' => 'count' , 'order' => 'DESC' ) );
2008-12-09 13:03:31 -05:00
2010-12-07 13:59:25 -05:00
if ( empty ( $tags ) )
2010-03-01 16:04:37 -05:00
die ( isset ( $tax -> no_tagcloud ) ? $tax -> no_tagcloud : __ ( 'No tags found!' ) );
2008-12-09 13:03:31 -05:00
2010-12-07 13:59:25 -05:00
if ( is_wp_error ( $tags ) )
die ( $tags -> get_error_message () );
2008-12-30 13:04:52 -05:00
2008-11-04 18:15:59 -05:00
foreach ( $tags as $key => $tag ) {
$tags [ $key ] -> link = '#' ;
$tags [ $key ] -> id = $tag -> term_id ;
}
2009-05-02 14:43:04 -04:00
// We need raw tag names here, so don't filter the output
$return = wp_generate_tag_cloud ( $tags , array ( 'filter' => 0 ) );
2008-11-04 18:15:59 -05:00
if ( empty ( $return ) )
die ( '0' );
2008-12-09 13:03:31 -05:00
2008-11-04 18:15:59 -05:00
echo $return ;
2008-12-09 13:03:31 -05:00
2008-11-04 18:15:59 -05:00
exit ;
break ;
2008-10-17 05:44:22 -04:00
case 'get-comments' :
check_ajax_referer ( $action );
2010-11-14 13:19:45 -05:00
set_current_screen ( 'edit-comments' );
2011-01-18 06:06:22 -05:00
$wp_list_table = _get_list_table ( 'WP_Post_Comments_List_Table' );
2010-09-18 13:46:29 -04:00
2010-11-29 15:15:04 -05:00
if ( ! current_user_can ( 'edit_post' , $post_id ) )
die ( '-1' );
2010-08-22 07:22:46 -04:00
$wp_list_table -> prepare_items ();
2008-10-17 05:44:22 -04:00
2010-08-22 07:22:46 -04:00
if ( ! $wp_list_table -> has_items () )
2008-10-17 05:44:22 -04:00
die ( '1' );
$x = new WP_Ajax_Response ();
2011-05-12 01:50:53 -04:00
ob_start ();
2010-08-22 07:22:46 -04:00
foreach ( $wp_list_table -> items as $comment ) {
2011-07-11 17:48:43 -04:00
if ( ! current_user_can ( 'edit_comment' , $comment -> comment_ID ) )
continue ;
2008-10-17 05:44:22 -04:00
get_comment ( $comment );
2011-05-12 01:50:53 -04:00
$wp_list_table -> single_row ( $comment );
2008-10-17 05:44:22 -04:00
}
2011-05-12 01:50:53 -04:00
$comment_list_item = ob_get_contents ();
ob_end_clean ();
2008-10-17 05:44:22 -04:00
$x -> add ( array (
'what' => 'comments' ,
'data' => $comment_list_item
) );
$x -> send ();
break ;
2008-08-24 02:56:22 -04:00
case 'replyto-comment' :
2010-05-26 00:55:21 -04:00
check_ajax_referer ( $action , '_ajax_nonce-replyto-comment' );
2008-08-24 02:56:22 -04:00
2010-11-08 18:07:37 -05:00
set_current_screen ( 'edit-comments' );
2008-08-24 02:56:22 -04:00
$comment_post_ID = ( int ) $_POST [ 'comment_post_ID' ];
if ( ! current_user_can ( 'edit_post' , $comment_post_ID ) )
die ( '-1' );
$status = $wpdb -> get_var ( $wpdb -> prepare ( " SELECT post_status FROM $wpdb->posts WHERE ID = %d " , $comment_post_ID ) );
if ( empty ( $status ) )
die ( '1' );
2009-12-13 22:03:58 -05:00
elseif ( in_array ( $status , array ( 'draft' , 'pending' , 'trash' ) ) )
2008-11-05 21:05:59 -05:00
die ( __ ( 'Error: you are replying to a comment on a draft post.' ) );
2008-08-24 02:56:22 -04:00
$user = wp_get_current_user ();
if ( $user -> ID ) {
$comment_author = $wpdb -> escape ( $user -> display_name );
$comment_author_email = $wpdb -> escape ( $user -> user_email );
$comment_author_url = $wpdb -> escape ( $user -> user_url );
2008-10-07 21:18:16 -04:00
$comment_content = trim ( $_POST [ 'content' ]);
2008-08-24 02:56:22 -04:00
if ( current_user_can ( 'unfiltered_html' ) ) {
if ( wp_create_nonce ( 'unfiltered-html-comment_' . $comment_post_ID ) != $_POST [ '_wp_unfiltered_html_comment' ] ) {
kses_remove_filters (); // start with a clean slate
kses_init_filters (); // set up the filters
}
}
} else {
die ( __ ( 'Sorry, you must be logged in to reply to a comment.' ) );
}
if ( '' == $comment_content )
die ( __ ( 'Error: please type a comment.' ) );
$comment_parent = absint ( $_POST [ 'comment_ID' ]);
2011-06-01 15:23:19 -04:00
$comment_auto_approved = false ;
2008-08-24 02:56:22 -04:00
$commentdata = compact ( 'comment_post_ID' , 'comment_author' , 'comment_author_email' , 'comment_author_url' , 'comment_content' , 'comment_type' , 'comment_parent' , 'user_ID' );
$comment_id = wp_new_comment ( $commentdata );
$comment = get_comment ( $comment_id );
if ( ! $comment ) die ( '1' );
2011-05-07 00:56:00 -04:00
$position = ( isset ( $_POST [ 'position' ]) && ( int ) $_POST [ 'position' ] ) ? ( int ) $_POST [ 'position' ] : '-1' ;
2008-08-24 02:56:22 -04:00
2011-06-01 15:23:19 -04:00
// automatically approve parent comment
if ( ! empty ( $_POST [ 'approve_parent' ]) ) {
$parent = get_comment ( $comment_parent );
if ( $parent && $parent -> comment_approved === '0' && $parent -> comment_post_ID == $comment_post_ID ) {
if ( wp_set_comment_status ( $parent -> comment_ID , 'approve' ) )
$comment_auto_approved = true ;
}
}
2008-08-24 02:56:22 -04:00
ob_start ();
2010-12-14 10:07:43 -05:00
if ( 'dashboard' == $_REQUEST [ 'mode' ] ) {
2008-10-08 19:32:34 -04:00
require_once ( ABSPATH . 'wp-admin/includes/dashboard.php' );
2010-09-18 13:46:29 -04:00
_wp_dashboard_recent_comments_row ( $comment );
2008-10-08 19:32:34 -04:00
} else {
2010-12-22 14:03:43 -05:00
if ( 'single' == $_REQUEST [ 'mode' ] ) {
2011-01-18 06:06:22 -05:00
$wp_list_table = _get_list_table ( 'WP_Post_Comments_List_Table' );
2011-01-05 23:11:14 -05:00
} else {
2011-01-18 06:06:22 -05:00
$wp_list_table = _get_list_table ( 'WP_Comments_List_Table' );
2010-12-22 14:03:43 -05:00
}
2010-09-18 13:46:29 -04:00
$wp_list_table -> single_row ( $comment );
2008-10-08 19:32:34 -04:00
}
2008-08-24 02:56:22 -04:00
$comment_list_item = ob_get_contents ();
ob_end_clean ();
2011-05-07 00:56:00 -04:00
$response = array (
2008-08-24 02:56:22 -04:00
'what' => 'comment' ,
'id' => $comment -> comment_ID ,
'data' => $comment_list_item ,
'position' => $position
2011-05-07 00:56:00 -04:00
);
2011-06-01 15:23:19 -04:00
if ( $comment_auto_approved )
$response [ 'supplemental' ] = array ( 'parent_approved' => $parent -> comment_ID );
2011-05-07 00:56:00 -04:00
$x = new WP_Ajax_Response ();
$x -> add ( $response );
2008-10-07 21:18:16 -04:00
$x -> send ();
break ;
case 'edit-comment' :
2010-05-26 00:55:21 -04:00
check_ajax_referer ( 'replyto-comment' , '_ajax_nonce-replyto-comment' );
2008-10-07 21:18:16 -04:00
2010-11-19 04:34:21 -05:00
set_current_screen ( 'edit-comments' );
2011-07-11 17:48:43 -04:00
$comment_id = ( int ) $_POST [ 'comment_ID' ];
if ( ! current_user_can ( 'edit_comment' , $comment_id ) )
2008-10-07 21:18:16 -04:00
die ( '-1' );
if ( '' == $_POST [ 'content' ] )
die ( __ ( 'Error: please type a comment.' ) );
$_POST [ 'comment_status' ] = $_POST [ 'status' ];
edit_comment ();
$position = ( isset ( $_POST [ 'position' ]) && ( int ) $_POST [ 'position' ]) ? ( int ) $_POST [ 'position' ] : '-1' ;
2010-09-18 13:46:29 -04:00
$comments_status = isset ( $_POST [ 'comments_listing' ]) ? $_POST [ 'comments_listing' ] : '' ;
2008-10-07 21:18:16 -04:00
2010-09-18 13:46:29 -04:00
$checkbox = ( isset ( $_POST [ 'checkbox' ]) && true == $_POST [ 'checkbox' ] ) ? 1 : 0 ;
2011-01-18 06:06:22 -05:00
$wp_list_table = _get_list_table ( $checkbox ? 'WP_Comments_List_Table' : 'WP_Post_Comments_List_Table' );
2008-10-07 21:18:16 -04:00
ob_start ();
2010-09-18 13:46:29 -04:00
$wp_list_table -> single_row ( get_comment ( $comment_id ) );
2008-10-07 21:18:16 -04:00
$comment_list_item = ob_get_contents ();
ob_end_clean ();
2010-08-11 17:54:51 -04:00
$x = new WP_Ajax_Response ();
2008-10-07 21:18:16 -04:00
$x -> add ( array (
'what' => 'edit_comment' ,
'id' => $comment -> comment_ID ,
'data' => $comment_list_item ,
'position' => $position
));
2007-03-27 17:20:16 -04:00
$x -> send ();
break ;
2010-04-26 21:05:58 -04:00
case 'add-menu-item' :
2010-05-12 15:19:57 -04:00
if ( ! current_user_can ( 'edit_theme_options' ) )
2010-04-26 21:05:58 -04:00
die ( '-1' );
2010-05-18 10:51:15 -04:00
check_ajax_referer ( 'add-menu_item' , 'menu-settings-column-nonce' );
2010-04-26 21:05:58 -04:00
require_once ABSPATH . 'wp-admin/includes/nav-menu.php' ;
2010-11-17 13:47:34 -05:00
// For performance reasons, we omit some object properties from the checklist.
2010-10-30 14:21:23 -04:00
// The following is a hacky way to restore them when adding non-custom items.
2010-10-30 18:41:52 -04:00
$menu_items_data = array ();
foreach ( ( array ) $_POST [ 'menu-item' ] as $menu_item_data ) {
if (
2010-11-17 13:47:34 -05:00
! empty ( $menu_item_data [ 'menu-item-type' ] ) &&
2010-10-30 18:41:52 -04:00
'custom' != $menu_item_data [ 'menu-item-type' ] &&
! empty ( $menu_item_data [ 'menu-item-object-id' ] )
) {
switch ( $menu_item_data [ 'menu-item-type' ] ) {
case 'post_type' :
$_object = get_post ( $menu_item_data [ 'menu-item-object-id' ] );
break ;
2010-10-29 20:13:45 -04:00
2010-10-30 18:41:52 -04:00
case 'taxonomy' :
2010-11-17 13:47:34 -05:00
$_object = get_term ( $menu_item_data [ 'menu-item-object-id' ], $menu_item_data [ 'menu-item-object' ] );
2010-10-30 18:41:52 -04:00
break ;
}
2010-10-29 20:13:45 -04:00
2010-11-17 13:47:34 -05:00
$_menu_items = array_map ( 'wp_setup_nav_menu_item' , array ( $_object ) );
2010-10-30 18:41:52 -04:00
$_menu_item = array_shift ( $_menu_items );
2010-10-29 20:13:45 -04:00
2010-10-30 18:41:52 -04:00
// Restore the missing menu item properties
$menu_item_data [ 'menu-item-description' ] = $_menu_item -> description ;
}
2010-11-17 13:47:34 -05:00
2010-10-30 18:41:52 -04:00
$menu_items_data [] = $menu_item_data ;
2010-11-17 13:47:34 -05:00
}
2010-10-30 14:21:23 -04:00
2010-10-29 20:13:45 -04:00
$item_ids = wp_save_nav_menu_items ( 0 , $menu_items_data );
2010-05-27 18:22:09 -04:00
if ( is_wp_error ( $item_ids ) )
die ( '-1' );
2010-05-03 16:26:11 -04:00
2010-04-26 21:05:58 -04:00
foreach ( ( array ) $item_ids as $menu_item_id ) {
$menu_obj = get_post ( $menu_item_id );
if ( ! empty ( $menu_obj -> ID ) ) {
2010-05-28 16:41:39 -04:00
$menu_obj = wp_setup_nav_menu_item ( $menu_obj );
$menu_obj -> label = $menu_obj -> title ; // don't show "(pending)" in ajax-added items
$menu_items [] = $menu_obj ;
2010-04-26 21:05:58 -04:00
}
}
if ( ! empty ( $menu_items ) ) {
$args = array (
'after' => '' ,
'before' => '' ,
'link_after' => '' ,
'link_before' => '' ,
2010-05-03 16:26:11 -04:00
'walker' => new Walker_Nav_Menu_Edit ,
2010-04-26 21:05:58 -04:00
);
echo walk_nav_menu_tree ( $menu_items , 0 , ( object ) $args );
}
break ;
2006-03-28 20:51:55 -05:00
case 'add-meta' :
2010-05-26 00:55:21 -04:00
check_ajax_referer ( 'add-meta' , '_ajax_nonce-add-meta' );
2007-10-09 18:49:42 -04:00
$c = 0 ;
$pid = ( int ) $_POST [ 'post_id' ];
2010-05-25 11:32:57 -04:00
$post = get_post ( $pid );
2008-03-24 21:42:38 -04:00
if ( isset ( $_POST [ 'metakeyselect' ]) || isset ( $_POST [ 'metakeyinput' ]) ) {
2007-10-09 18:49:42 -04:00
if ( ! current_user_can ( 'edit_post' , $pid ) )
die ( '-1' );
2009-04-16 17:55:35 -04:00
if ( isset ( $_POST [ 'metakeyselect' ]) && '#NONE#' == $_POST [ 'metakeyselect' ] && empty ( $_POST [ 'metakeyinput' ]) )
2007-11-01 02:23:16 -04:00
die ( '1' );
2010-05-25 11:32:57 -04:00
if ( $post -> post_status == 'auto-draft' ) {
$save_POST = $_POST ; // Backup $_POST
$_POST = array (); // Make it empty for edit_post()
$_POST [ 'action' ] = 'draft' ; // Warning fix
$_POST [ 'post_ID' ] = $pid ;
$_POST [ 'post_type' ] = $post -> post_type ;
$_POST [ 'post_status' ] = 'draft' ;
2007-10-09 18:49:42 -04:00
$now = current_time ( 'timestamp' , 1 );
2010-05-25 11:32:57 -04:00
$_POST [ 'post_title' ] = sprintf ( 'Draft created on %s at %s' , date ( get_option ( 'date_format' ), $now ), date ( get_option ( 'time_format' ), $now ));
if ( $pid = edit_post () ) {
2007-10-09 18:49:42 -04:00
if ( is_wp_error ( $pid ) ) {
$x = new WP_Ajax_Response ( array (
'what' => 'meta' ,
'data' => $pid
) );
$x -> send ();
}
2010-05-25 11:32:57 -04:00
$_POST = $save_POST ; // Now we can restore original $_POST again
2009-04-20 06:58:50 -04:00
if ( ! $mid = add_meta ( $pid ) )
2009-04-16 17:55:35 -04:00
die ( __ ( 'Please provide a custom field value.' ));
2007-10-09 18:49:42 -04:00
} else {
die ( '0' );
}
} else if ( ! $mid = add_meta ( $pid ) ) {
2009-04-16 17:55:35 -04:00
die ( __ ( 'Please provide a custom field value.' ));
2007-10-09 18:49:42 -04:00
}
2006-09-02 13:03:57 -04:00
2011-07-20 18:04:35 -04:00
$meta = get_metadata_by_mid ( 'post' , $mid );
2007-10-09 18:49:42 -04:00
$pid = ( int ) $meta -> post_id ;
$meta = get_object_vars ( $meta );
$x = new WP_Ajax_Response ( array (
'what' => 'meta' ,
'id' => $mid ,
'data' => _list_meta_row ( $meta , $c ),
'position' => 1 ,
'supplemental' => array ( 'postid' => $pid )
) );
2010-02-28 02:12:05 -05:00
} else { // Update?
2011-06-01 18:03:36 -04:00
$mid = ( int ) array_pop ( array_keys ( $_POST [ 'meta' ]) );
2011-08-03 15:14:06 -04:00
$key = stripslashes ( $_POST [ 'meta' ][ $mid ][ 'key' ] );
$value = stripslashes ( $_POST [ 'meta' ][ $mid ][ 'value' ] );
2010-04-23 23:53:47 -04:00
if ( '' == trim ( $key ) )
die ( __ ( 'Please provide a custom field name.' ));
if ( '' == trim ( $value ) )
die ( __ ( 'Please provide a custom field value.' ));
2011-08-03 15:14:06 -04:00
if ( ! $meta = get_metadata_by_mid ( 'post' , $mid ) )
2007-10-09 18:49:42 -04:00
die ( '0' ); // if meta doesn't exist
2011-07-21 15:32:12 -04:00
if ( is_protected_meta ( $meta -> meta_key , 'post' ) || is_protected_meta ( $key , 'post' ) ||
! current_user_can ( 'edit_post_meta' , $meta -> post_id , $meta -> meta_key ) ||
! current_user_can ( 'edit_post_meta' , $meta -> post_id , $key ) )
2011-05-22 19:19:42 -04:00
die ( '-1' );
2011-08-03 15:14:06 -04:00
if ( $meta -> meta_value != $value || $meta -> meta_key != $key ) {
if ( ! $u = update_metadata_by_mid ( 'post' , $mid , $value , $key ) )
2009-06-26 02:19:54 -04:00
die ( '0' ); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems).
}
2009-04-20 06:58:50 -04:00
2006-09-13 17:39:53 -04:00
$x = new WP_Ajax_Response ( array (
'what' => 'meta' ,
2007-10-09 18:49:42 -04:00
'id' => $mid , 'old_id' => $mid ,
'data' => _list_meta_row ( array (
'meta_key' => $key ,
'meta_value' => $value ,
'meta_id' => $mid
), $c ),
'position' => 0 ,
2006-09-13 17:39:53 -04:00
'supplemental' => array ( 'postid' => $meta -> post_id )
) );
2006-03-28 20:51:55 -05:00
}
2007-10-09 18:49:42 -04:00
$x -> send ();
2006-03-28 20:51:55 -05:00
break ;
2006-04-01 19:31:26 -05:00
case 'add-user' :
2007-10-09 18:49:42 -04:00
check_ajax_referer ( $action );
2008-04-14 12:57:29 -04:00
if ( ! current_user_can ( 'create_users' ) )
2006-04-01 19:31:26 -05:00
die ( '-1' );
2007-03-22 22:05:29 -04:00
if ( ! $user_id = add_user () )
2006-04-01 19:31:26 -05:00
die ( '0' );
2006-09-13 17:39:53 -04:00
elseif ( is_wp_error ( $user_id ) ) {
2007-11-01 02:23:16 -04:00
$x = new WP_Ajax_Response ( array (
'what' => 'user' ,
'id' => $user_id
) );
$x -> send ();
2006-04-01 19:31:26 -05:00
}
2006-12-01 18:00:04 -05:00
$user_object = new WP_User ( $user_id );
2007-10-09 18:49:42 -04:00
2011-01-18 06:06:22 -05:00
$wp_list_table = _get_list_table ( 'WP_Users_List_Table' );
2010-08-11 17:54:51 -04:00
2006-09-13 17:39:53 -04:00
$x = new WP_Ajax_Response ( array (
'what' => 'user' ,
'id' => $user_id ,
2010-08-22 07:22:46 -04:00
'data' => $wp_list_table -> single_row ( $user_object , '' , $user_object -> roles [ 0 ] ),
2007-10-09 18:49:42 -04:00
'supplemental' => array (
'show-link' => sprintf ( __ ( 'User <a href="#%s">%s</a> added' ), " user- $user_id " , $user_object -> user_login ),
'role' => $user_object -> roles [ 0 ]
)
2006-09-13 17:39:53 -04:00
) );
$x -> send ();
2006-04-01 19:31:26 -05:00
break ;
2007-01-17 22:32:54 -05:00
case 'autosave' : // The name of this action is hardcoded in edit_post()
2008-04-18 19:38:21 -04:00
define ( 'DOING_AUTOSAVE' , true );
2008-05-08 13:25:07 -04:00
$nonce_age = check_ajax_referer ( 'autosave' , 'autosavenonce' );
2008-02-29 04:51:36 -05:00
2006-08-10 23:54:45 -04:00
$_POST [ 'post_category' ] = explode ( " , " , $_POST [ 'catslist' ]);
2010-01-15 18:49:09 -05:00
if ( $_POST [ 'post_type' ] == 'page' || empty ( $_POST [ 'post_category' ]) )
2007-02-27 10:24:54 -05:00
unset ( $_POST [ 'post_category' ]);
2008-02-29 04:51:36 -05:00
$do_autosave = ( bool ) $_POST [ 'autosave' ];
$do_lock = true ;
2011-04-15 22:37:44 -04:00
$data = $alert = '' ;
2009-03-12 23:53:39 -04:00
/* translators: draft saved date format, see http://php.net/date */
$draft_saved_date_format = __ ( 'g:i:s a' );
2010-04-19 11:08:48 -04:00
/* translators: %s: date and time */
2010-01-21 16:37:43 -05:00
$message = sprintf ( __ ( 'Draft saved at %s.' ), date_i18n ( $draft_saved_date_format ) );
2008-02-29 04:51:36 -05:00
$supplemental = array ();
2009-10-11 07:26:59 -04:00
if ( isset ( $login_grace_period ) )
2011-05-06 23:26:23 -04:00
$alert .= sprintf ( __ ( 'Your login has expired. Please open a new browser window and <a href="%s" target="_blank">log in again</a>. ' ), add_query_arg ( 'interim-login' , 1 , wp_login_url () ) );
2008-02-29 04:51:36 -05:00
2008-05-08 13:25:07 -04:00
$id = $revision_id = 0 ;
2010-02-06 05:07:57 -05:00
$post_ID = ( int ) $_POST [ 'post_ID' ];
$_POST [ 'ID' ] = $post_ID ;
$post = get_post ( $post_ID );
if ( 'auto-draft' == $post -> post_status )
2008-05-08 13:25:07 -04:00
$_POST [ 'post_status' ] = 'draft' ;
2008-02-29 04:51:36 -05:00
2010-02-06 05:07:57 -05:00
if ( $last = wp_check_post_lock ( $post -> ID ) ) {
$do_autosave = $do_lock = false ;
2008-02-29 04:51:36 -05:00
2010-02-06 05:07:57 -05:00
$last_user = get_userdata ( $last );
$last_user_name = $last_user ? $last_user -> display_name : __ ( 'Someone' );
2011-04-15 22:37:44 -04:00
$data = __ ( 'Autosave disabled.' );
2008-05-08 13:25:07 -04:00
2010-02-06 05:07:57 -05:00
$supplemental [ 'disable_autosave' ] = 'disable' ;
2011-04-15 22:37:44 -04:00
$alert .= sprintf ( __ ( '%s is currently editing this article. If you update it, you will overwrite the changes.' ), esc_html ( $last_user_name ) );
2010-02-06 05:07:57 -05:00
}
if ( 'page' == $post -> post_type ) {
if ( ! current_user_can ( 'edit_page' , $post_ID ) )
die ( __ ( 'You are not allowed to edit this page.' ));
} else {
if ( ! current_user_can ( 'edit_post' , $post_ID ) )
die ( __ ( 'You are not allowed to edit this post.' ));
}
if ( $do_autosave ) {
// Drafts and auto-drafts are just overwritten by autosave
if ( 'auto-draft' == $post -> post_status || 'draft' == $post -> post_status ) {
$id = edit_post ();
} else { // Non drafts are not overwritten. The autosave is stored in a special post revision.
$revision_id = wp_create_post_autosave ( $post -> ID );
if ( is_wp_error ( $revision_id ) )
$id = $revision_id ;
else
$id = $post -> ID ;
2008-03-03 15:58:06 -05:00
}
2010-02-06 05:07:57 -05:00
$data = $message ;
} else {
2011-09-18 19:23:39 -04:00
if ( ! empty ( $_POST [ 'auto_draft' ] ) )
2010-02-06 05:07:57 -05:00
$id = 0 ; // This tells us it didn't actually save
else
$id = $post -> ID ;
2006-08-10 23:54:45 -04:00
}
2008-02-29 04:51:36 -05:00
2011-09-27 16:52:07 -04:00
if ( $do_lock && empty ( $_POST [ 'auto_draft' ] ) && $id && is_numeric ( $id ) ) {
$lock_result = wp_set_post_lock ( $id );
$supplemental [ 'active-post-lock' ] = implode ( ':' , $lock_result );
}
2008-02-29 04:51:36 -05:00
2008-03-18 00:59:54 -04:00
if ( $nonce_age == 2 ) {
2008-03-17 22:43:20 -04:00
$supplemental [ 'replace-autosavenonce' ] = wp_create_nonce ( 'autosave' );
2008-03-18 00:59:54 -04:00
$supplemental [ 'replace-getpermalinknonce' ] = wp_create_nonce ( 'getpermalink' );
$supplemental [ 'replace-samplepermalinknonce' ] = wp_create_nonce ( 'samplepermalink' );
$supplemental [ 'replace-closedpostboxesnonce' ] = wp_create_nonce ( 'closedpostboxes' );
2011-09-29 17:39:55 -04:00
$supplemental [ 'replace-_ajax_linking_nonce' ] = wp_create_nonce ( 'internal-linking' );
2008-03-18 00:59:54 -04:00
if ( $id ) {
if ( $_POST [ 'post_type' ] == 'post' )
$supplemental [ 'replace-_wpnonce' ] = wp_create_nonce ( 'update-post_' . $id );
elseif ( $_POST [ 'post_type' ] == 'page' )
$supplemental [ 'replace-_wpnonce' ] = wp_create_nonce ( 'update-page_' . $id );
}
}
2008-03-17 22:43:20 -04:00
2011-04-15 22:37:44 -04:00
if ( ! empty ( $alert ) )
$supplemental [ 'alert' ] = $alert ;
2008-02-29 04:51:36 -05:00
$x = new WP_Ajax_Response ( array (
'what' => 'autosave' ,
'id' => $id ,
'data' => $id ? $data : '' ,
'supplemental' => $supplemental
) );
$x -> send ();
break ;
2008-01-09 12:46:13 -05:00
case 'closed-postboxes' :
2008-02-08 14:57:50 -05:00
check_ajax_referer ( 'closedpostboxes' , 'closedpostboxesnonce' );
2010-04-10 22:41:40 -04:00
$closed = isset ( $_POST [ 'closed' ] ) ? explode ( ',' , $_POST [ 'closed' ]) : array ();
$closed = array_filter ( $closed );
$hidden = isset ( $_POST [ 'hidden' ] ) ? explode ( ',' , $_POST [ 'hidden' ]) : array ();
$hidden = array_filter ( $hidden );
2009-02-23 21:37:22 -05:00
$page = isset ( $_POST [ 'page' ] ) ? $_POST [ 'page' ] : '' ;
2011-09-12 17:48:44 -04:00
if ( $page != sanitize_key ( $page ) )
die ( '0' );
2009-02-23 21:37:22 -05:00
if ( ! $user = wp_get_current_user () )
2009-04-27 14:36:27 -04:00
die ( '-1' );
2009-02-23 21:37:22 -05:00
2008-08-22 14:58:42 -04:00
if ( is_array ( $closed ) )
2010-04-16 13:39:24 -04:00
update_user_option ( $user -> ID , " closedpostboxes_ $page " , $closed , true );
2009-02-23 21:37:22 -05:00
2009-04-12 23:39:46 -04:00
if ( is_array ( $hidden ) ) {
2010-03-22 15:56:16 -04:00
$hidden = array_diff ( $hidden , array ( 'submitdiv' , 'linksubmitdiv' , 'manage-menu' , 'create-menu' ) ); // postboxes that are always shown
2010-04-16 13:44:38 -04:00
update_user_option ( $user -> ID , " metaboxhidden_ $page " , $hidden , true );
2009-04-12 23:39:46 -04:00
}
2009-02-23 21:37:22 -05:00
die ( '1' );
break ;
2008-09-10 21:46:30 -04:00
case 'hidden-columns' :
2009-04-05 04:25:10 -04:00
check_ajax_referer ( 'screen-options-nonce' , 'screenoptionnonce' );
2009-02-23 21:37:22 -05:00
$hidden = isset ( $_POST [ 'hidden' ] ) ? $_POST [ 'hidden' ] : '' ;
2008-09-10 21:46:30 -04:00
$hidden = explode ( ',' , $_POST [ 'hidden' ] );
2009-02-23 21:37:22 -05:00
$page = isset ( $_POST [ 'page' ] ) ? $_POST [ 'page' ] : '' ;
2011-09-12 17:48:44 -04:00
if ( $page != sanitize_key ( $page ) )
die ( '0' );
2009-02-23 21:37:22 -05:00
if ( ! $user = wp_get_current_user () )
2009-04-27 14:36:27 -04:00
die ( '-1' );
2009-02-23 21:37:22 -05:00
2008-09-10 21:46:30 -04:00
if ( is_array ( $hidden ) )
2010-04-25 11:59:03 -04:00
update_user_option ( $user -> ID , " manage { $page } columnshidden " , $hidden , true );
2009-02-23 21:37:22 -05:00
die ( '1' );
break ;
2010-05-26 10:49:43 -04:00
case 'menu-get-metabox' :
if ( ! current_user_can ( 'edit_theme_options' ) )
die ( '-1' );
require_once ABSPATH . 'wp-admin/includes/nav-menu.php' ;
if ( isset ( $_POST [ 'item-type' ] ) && 'post_type' == $_POST [ 'item-type' ] ) {
$type = 'posttype' ;
$callback = 'wp_nav_menu_item_post_type_meta_box' ;
$items = ( array ) get_post_types ( array ( 'show_in_nav_menus' => true ), 'object' );
} elseif ( isset ( $_POST [ 'item-type' ] ) && 'taxonomy' == $_POST [ 'item-type' ] ) {
$type = 'taxonomy' ;
$callback = 'wp_nav_menu_item_taxonomy_meta_box' ;
$items = ( array ) get_taxonomies ( array ( 'show_ui' => true ), 'object' );
}
if ( ! empty ( $_POST [ 'item-object' ] ) && isset ( $items [ $_POST [ 'item-object' ]] ) ) {
$item = apply_filters ( 'nav_menu_meta_box_object' , $items [ $_POST [ 'item-object' ] ] );
ob_start ();
call_user_func_array ( $callback , array (
null ,
array (
'id' => 'add-' . $item -> name ,
'title' => $item -> labels -> name ,
'callback' => $callback ,
'args' => $item ,
)
));
2010-06-02 16:04:07 -04:00
2010-05-26 10:49:43 -04:00
$markup = ob_get_clean ();
2010-06-02 16:04:07 -04:00
2010-05-26 10:49:43 -04:00
echo json_encode ( array (
'replace-id' => $type . '-' . $item -> name ,
'markup' => $markup ,
));
}
exit ;
break ;
2010-04-26 21:05:58 -04:00
case 'menu-quick-search' :
2010-05-12 15:19:57 -04:00
if ( ! current_user_can ( 'edit_theme_options' ) )
2010-04-26 21:05:58 -04:00
die ( '-1' );
2010-05-03 16:26:11 -04:00
2010-04-26 21:05:58 -04:00
require_once ABSPATH . 'wp-admin/includes/nav-menu.php' ;
_wp_ajax_menu_quick_search ( $_REQUEST );
2010-10-23 22:58:42 -04:00
exit ;
break ;
case 'wp-link-ajax' :
2011-01-11 15:03:50 -05:00
check_ajax_referer ( 'internal-linking' , '_ajax_linking_nonce' );
2010-11-18 02:59:05 -05:00
$args = array ();
2010-11-19 00:31:07 -05:00
if ( isset ( $_POST [ 'search' ] ) )
$args [ 's' ] = stripslashes ( $_POST [ 'search' ] );
2010-11-18 02:59:05 -05:00
$args [ 'pagenum' ] = ! empty ( $_POST [ 'page' ] ) ? absint ( $_POST [ 'page' ] ) : 1 ;
2011-08-03 06:19:00 -04:00
require ( ABSPATH . WPINC . '/class-wp-editor.php' );
$results = WP_Editor :: wp_link_query ( $args );
2010-11-18 02:59:05 -05:00
if ( ! isset ( $results ) )
die ( '0' );
echo json_encode ( $results );
echo " \n " ;
2010-11-17 13:47:34 -05:00
2010-04-26 21:05:58 -04:00
exit ;
break ;
2010-05-17 19:58:56 -04:00
case 'menu-locations-save' :
if ( ! current_user_can ( 'edit_theme_options' ) )
die ( '-1' );
2010-05-18 11:16:58 -04:00
check_ajax_referer ( 'add-menu_item' , 'menu-settings-column-nonce' );
2010-05-20 18:43:14 -04:00
if ( ! isset ( $_POST [ 'menu-locations' ] ) )
2010-05-17 19:58:56 -04:00
die ( '0' );
2010-07-22 03:00:22 -04:00
set_theme_mod ( 'nav_menu_locations' , array_map ( 'absint' , $_POST [ 'menu-locations' ] ) );
2010-05-17 19:58:56 -04:00
die ( '1' );
break ;
2009-02-23 21:37:22 -05:00
case 'meta-box-order' :
check_ajax_referer ( 'meta-box-order' );
$order = isset ( $_POST [ 'order' ] ) ? ( array ) $_POST [ 'order' ] : false ;
2011-08-25 18:55:39 -04:00
$page_columns = isset ( $_POST [ 'page_columns' ] ) ? $_POST [ 'page_columns' ] : 'auto' ;
if ( $page_columns != 'auto' )
$page_columns = ( int ) $page_columns ;
2009-02-23 21:37:22 -05:00
$page = isset ( $_POST [ 'page' ] ) ? $_POST [ 'page' ] : '' ;
2011-09-12 17:48:44 -04:00
if ( $page != sanitize_key ( $page ) )
die ( '0' );
2009-02-23 21:37:22 -05:00
if ( ! $user = wp_get_current_user () )
2009-04-27 14:36:27 -04:00
die ( '-1' );
2009-02-23 21:37:22 -05:00
if ( $order )
2010-04-25 11:59:03 -04:00
update_user_option ( $user -> ID , " meta-box-order_ $page " , $order , true );
2009-02-23 21:37:22 -05:00
if ( $page_columns )
2010-04-25 11:59:03 -04:00
update_user_option ( $user -> ID , " screen_layout_ $page " , $page_columns , true );
2009-02-23 21:37:22 -05:00
die ( '1' );
break ;
2008-02-21 01:19:46 -05:00
case 'get-permalink' :
check_ajax_referer ( 'getpermalink' , 'getpermalinknonce' );
$post_id = isset ( $_POST [ 'post_id' ]) ? intval ( $_POST [ 'post_id' ]) : 0 ;
2008-02-21 12:08:06 -05:00
die ( add_query_arg ( array ( 'preview' => 'true' ), get_permalink ( $post_id )));
2008-02-21 01:19:46 -05:00
break ;
2008-01-17 11:51:32 -05:00
case 'sample-permalink' :
2008-02-11 12:40:16 -05:00
check_ajax_referer ( 'samplepermalink' , 'samplepermalinknonce' );
2008-01-17 11:51:32 -05:00
$post_id = isset ( $_POST [ 'post_id' ]) ? intval ( $_POST [ 'post_id' ]) : 0 ;
2008-03-05 17:09:28 -05:00
$title = isset ( $_POST [ 'new_title' ]) ? $_POST [ 'new_title' ] : '' ;
2010-04-17 21:46:28 -04:00
$slug = isset ( $_POST [ 'new_slug' ]) ? $_POST [ 'new_slug' ] : null ;
2008-03-05 17:09:28 -05:00
die ( get_sample_permalink_html ( $post_id , $title , $slug ));
2008-01-17 11:51:32 -05:00
break ;
2008-09-10 18:47:03 -04:00
case 'inline-save' :
2008-09-21 15:45:45 -04:00
check_ajax_referer ( 'inlineeditnonce' , '_inline_edit' );
2008-10-05 00:43:52 -04:00
if ( ! isset ( $_POST [ 'post_ID' ]) || ! ( $post_ID = ( int ) $_POST [ 'post_ID' ] ) )
2008-09-17 07:32:33 -04:00
exit ;
2008-09-25 09:42:34 -04:00
2008-10-05 00:43:52 -04:00
if ( 'page' == $_POST [ 'post_type' ] ) {
if ( ! current_user_can ( 'edit_page' , $post_ID ) )
die ( __ ( 'You are not allowed to edit this page.' ) );
} else {
if ( ! current_user_can ( 'edit_post' , $post_ID ) )
die ( __ ( 'You are not allowed to edit this post.' ) );
}
2010-11-14 13:19:45 -05:00
set_current_screen ( $_POST [ 'screen' ] );
2010-01-22 13:27:54 -05:00
2008-10-05 00:43:52 -04:00
if ( $last = wp_check_post_lock ( $post_ID ) ) {
2008-09-25 09:42:34 -04:00
$last_user = get_userdata ( $last );
$last_user_name = $last_user ? $last_user -> display_name : __ ( 'Someone' );
2009-05-18 11:11:07 -04:00
printf ( $_POST [ 'post_type' ] == 'page' ? __ ( 'Saving is disabled: %s is currently editing this page.' ) : __ ( 'Saving is disabled: %s is currently editing this post.' ), esc_html ( $last_user_name ) );
2008-09-25 09:42:34 -04:00
exit ;
}
2008-10-05 00:43:52 -04:00
$data = & $_POST ;
2009-05-24 19:47:49 -04:00
2008-10-05 00:43:52 -04:00
$post = get_post ( $post_ID , ARRAY_A );
2009-05-15 16:05:52 -04:00
$post = add_magic_quotes ( $post ); //since it is from db
2009-05-24 19:47:49 -04:00
2008-10-05 00:43:52 -04:00
$data [ 'content' ] = $post [ 'post_content' ];
$data [ 'excerpt' ] = $post [ 'post_excerpt' ];
// rename
$data [ 'user_ID' ] = $GLOBALS [ 'user_ID' ];
2008-11-15 07:04:38 -05:00
if ( isset ( $data [ 'post_parent' ]) )
$data [ 'parent_id' ] = $data [ 'post_parent' ];
2008-10-05 00:43:52 -04:00
// status
2008-11-15 07:04:38 -05:00
if ( isset ( $data [ 'keep_private' ]) && 'private' == $data [ 'keep_private' ] )
2008-10-05 00:43:52 -04:00
$data [ 'post_status' ] = 'private' ;
else
$data [ 'post_status' ] = $data [ '_status' ];
if ( empty ( $data [ 'comment_status' ]) )
$data [ 'comment_status' ] = 'closed' ;
if ( empty ( $data [ 'ping_status' ]) )
$data [ 'ping_status' ] = 'closed' ;
// update the post
edit_post ();
2011-01-18 06:06:22 -05:00
$wp_list_table = _get_list_table ( 'WP_Posts_List_Table' );
2010-08-11 17:54:51 -04:00
$mode = $_POST [ 'post_view' ];
2010-08-22 07:22:46 -04:00
$wp_list_table -> display_rows ( array ( get_post ( $_POST [ 'post_ID' ] ) ) );
2008-10-05 00:43:52 -04:00
exit ;
break ;
case 'inline-save-tax' :
check_ajax_referer ( 'taxinlineeditnonce' , '_inline_edit' );
2010-12-16 04:18:28 -05:00
$taxonomy = sanitize_key ( $_POST [ 'taxonomy' ] );
$tax = get_taxonomy ( $taxonomy );
if ( ! $tax )
die ( '0' );
2010-11-14 13:08:25 -05:00
2010-12-16 04:18:28 -05:00
if ( ! current_user_can ( $tax -> cap -> edit_terms ) )
die ( '-1' );
2010-01-26 17:49:05 -05:00
2010-12-16 04:18:28 -05:00
set_current_screen ( 'edit-' . $taxonomy );
2011-01-18 06:06:22 -05:00
$wp_list_table = _get_list_table ( 'WP_Terms_List_Table' );
2008-10-05 00:43:52 -04:00
if ( ! isset ( $_POST [ 'tax_ID' ]) || ! ( $id = ( int ) $_POST [ 'tax_ID' ] ) )
2008-11-29 08:03:03 -05:00
die ( - 1 );
2008-10-05 00:43:52 -04:00
2010-08-11 17:54:51 -04:00
$tag = get_term ( $id , $taxonomy );
$_POST [ 'description' ] = $tag -> description ;
2008-10-05 00:43:52 -04:00
2010-08-11 17:54:51 -04:00
$updated = wp_update_term ( $id , $taxonomy , $_POST );
if ( $updated && ! is_wp_error ( $updated ) ) {
$tag = get_term ( $updated [ 'term_id' ], $taxonomy );
if ( ! $tag || is_wp_error ( $tag ) ) {
if ( is_wp_error ( $tag ) && $tag -> get_error_message () )
die ( $tag -> get_error_message () );
die ( __ ( 'Item not updated.' ) );
}
2010-06-14 19:39:35 -04:00
2010-09-18 15:30:53 -04:00
echo $wp_list_table -> single_row ( $tag );
2010-08-11 17:54:51 -04:00
} else {
if ( is_wp_error ( $updated ) && $updated -> get_error_message () )
die ( $updated -> get_error_message () );
die ( __ ( 'Item not updated.' ) );
2008-10-05 00:43:52 -04:00
}
exit ;
2008-09-21 15:45:45 -04:00
break ;
2008-09-16 00:24:28 -04:00
case 'find_posts' :
check_ajax_referer ( 'find-posts' );
if ( empty ( $_POST [ 'ps' ]) )
exit ;
2010-05-24 22:18:07 -04:00
if ( ! empty ( $_POST [ 'post_type' ]) && in_array ( $_POST [ 'post_type' ], get_post_types () ) )
$what = $_POST [ 'post_type' ];
else
$what = 'post' ;
2008-09-16 00:24:28 -04:00
$s = stripslashes ( $_POST [ 'ps' ]);
preg_match_all ( '/".*?("|$)|((?<=[\\s",+])|^)[^\\s",+]+/' , $s , $matches );
2009-10-18 07:50:59 -04:00
$search_terms = array_map ( '_search_terms_tidy' , $matches [ 0 ]);
2008-09-16 00:24:28 -04:00
$searchand = $search = '' ;
2009-11-16 22:08:38 -05:00
foreach ( ( array ) $search_terms as $term ) {
2010-12-16 09:22:41 -05:00
$term = esc_sql ( like_escape ( $term ) );
2008-09-16 00:24:28 -04:00
$search .= " { $searchand } (( $wpdb->posts .post_title LIKE '% { $term } %') OR ( $wpdb->posts .post_content LIKE '% { $term } %')) " ;
$searchand = ' AND ' ;
}
2010-12-16 09:22:41 -05:00
$term = esc_sql ( like_escape ( $s ) );
2008-09-16 00:24:28 -04:00
if ( count ( $search_terms ) > 1 && $search_terms [ 0 ] != $s )
$search .= " OR ( $wpdb->posts .post_title LIKE '% { $term } %') OR ( $wpdb->posts .post_content LIKE '% { $term } %') " ;
2009-11-16 22:08:38 -05:00
$posts = $wpdb -> get_results ( " SELECT ID, post_title, post_status, post_date FROM $wpdb->posts WHERE post_type = ' $what ' AND post_status IN ('draft', 'publish') AND ( $search ) ORDER BY post_date_gmt DESC LIMIT 50 " );
2008-09-16 00:24:28 -04:00
2010-05-24 22:18:07 -04:00
if ( ! $posts ) {
$posttype = get_post_type_object ( $what );
exit ( $posttype -> labels -> not_found );
}
2008-09-16 00:24:28 -04:00
2009-11-16 22:08:38 -05:00
$html = '<table class="widefat" cellspacing="0"><thead><tr><th class="found-radio"><br /></th><th>' . __ ( 'Title' ) . '</th><th>' . __ ( 'Date' ) . '</th><th>' . __ ( 'Status' ) . '</th></tr></thead><tbody>' ;
2008-09-16 00:24:28 -04:00
foreach ( $posts as $post ) {
switch ( $post -> post_status ) {
case 'publish' :
case 'private' :
$stat = __ ( 'Published' );
break ;
case 'future' :
$stat = __ ( 'Scheduled' );
break ;
case 'pending' :
$stat = __ ( 'Pending Review' );
break ;
case 'draft' :
2009-11-16 22:08:38 -05:00
$stat = __ ( 'Draft' );
2008-09-16 00:24:28 -04:00
break ;
}
2008-10-05 00:43:52 -04:00
2008-09-16 00:24:28 -04:00
if ( '0000-00-00 00:00:00' == $post -> post_date ) {
$time = '' ;
} else {
2009-03-12 23:53:39 -04:00
/* translators: date format in table columns, see http://php.net/date */
2008-09-16 00:24:28 -04:00
$time = mysql2date ( __ ( 'Y/m/d' ), $post -> post_date );
}
2009-05-05 15:43:53 -04:00
$html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-' . $post -> ID . '" name="found_post_id" value="' . esc_attr ( $post -> ID ) . '"></td>' ;
2009-05-18 11:11:07 -04:00
$html .= '<td><label for="found-' . $post -> ID . '">' . esc_html ( $post -> post_title ) . '</label></td><td>' . esc_html ( $time ) . '</td><td>' . esc_html ( $stat ) . '</td></tr>' . " \n \n " ;
2008-09-16 00:24:28 -04:00
}
$html .= '</tbody></table>' ;
$x = new WP_Ajax_Response ();
$x -> add ( array (
'what' => $what ,
'data' => $html
));
$x -> send ();
2008-08-20 17:42:31 -04:00
break ;
2009-04-11 10:37:24 -04:00
case 'widgets-order' :
check_ajax_referer ( 'save-sidebar-widgets' , 'savewidgets' );
2010-05-12 15:19:57 -04:00
if ( ! current_user_can ( 'edit_theme_options' ) )
2009-04-11 10:37:24 -04:00
die ( '-1' );
unset ( $_POST [ 'savewidgets' ], $_POST [ 'action' ] );
2009-04-13 12:20:58 -04:00
// save widgets order for all sidebars
if ( is_array ( $_POST [ 'sidebars' ]) ) {
$sidebars = array ();
foreach ( $_POST [ 'sidebars' ] as $key => $val ) {
$sb = array ();
if ( ! empty ( $val ) ) {
2009-04-11 10:37:24 -04:00
$val = explode ( ',' , $val );
foreach ( $val as $k => $v ) {
2009-04-13 12:20:58 -04:00
if ( strpos ( $v , 'widget-' ) === false )
continue ;
$sb [ $k ] = substr ( $v , strpos ( $v , '_' ) + 1 );
2009-04-11 10:37:24 -04:00
}
}
2009-04-13 12:20:58 -04:00
$sidebars [ $key ] = $sb ;
2009-04-11 10:37:24 -04:00
}
2009-04-13 12:20:58 -04:00
wp_set_sidebars_widgets ( $sidebars );
die ( '1' );
2009-04-11 10:37:24 -04:00
}
2009-04-13 12:20:58 -04:00
die ( '-1' );
2009-04-11 10:37:24 -04:00
break ;
case 'save-widget' :
check_ajax_referer ( 'save-sidebar-widgets' , 'savewidgets' );
2010-05-12 15:19:57 -04:00
if ( ! current_user_can ( 'edit_theme_options' ) || ! isset ( $_POST [ 'id_base' ]) )
2009-04-11 10:37:24 -04:00
die ( '-1' );
unset ( $_POST [ 'savewidgets' ], $_POST [ 'action' ] );
2009-05-22 08:08:51 -04:00
do_action ( 'load-widgets.php' );
do_action ( 'widgets.php' );
do_action ( 'sidebar_admin_setup' );
2009-04-13 12:20:58 -04:00
$id_base = $_POST [ 'id_base' ];
2009-05-22 08:08:51 -04:00
$widget_id = $_POST [ 'widget-id' ];
2009-04-13 12:20:58 -04:00
$sidebar_id = $_POST [ 'sidebar' ];
2009-05-31 07:34:08 -04:00
$multi_number = ! empty ( $_POST [ 'multi_number' ]) ? ( int ) $_POST [ 'multi_number' ] : 0 ;
$settings = isset ( $_POST [ 'widget-' . $id_base ]) && is_array ( $_POST [ 'widget-' . $id_base ]) ? $_POST [ 'widget-' . $id_base ] : false ;
2010-12-02 18:30:21 -05:00
$error = '<p>' . __ ( 'An error has occurred. Please reload the page and try again.' ) . '</p>' ;
2009-05-22 08:08:51 -04:00
2009-04-11 10:37:24 -04:00
$sidebars = wp_get_sidebars_widgets ();
$sidebar = isset ( $sidebars [ $sidebar_id ]) ? $sidebars [ $sidebar_id ] : array ();
// delete
if ( isset ( $_POST [ 'delete_widget' ]) && $_POST [ 'delete_widget' ] ) {
2009-05-22 08:08:51 -04:00
if ( ! isset ( $wp_registered_widgets [ $widget_id ]) )
2009-05-31 07:34:08 -04:00
die ( $error );
2009-04-11 10:37:24 -04:00
2009-05-22 08:08:51 -04:00
$sidebar = array_diff ( $sidebar , array ( $widget_id ) );
$_POST = array ( 'sidebar' => $sidebar_id , 'widget-' . $id_base => array (), 'the-widget-id' => $widget_id , 'delete_widget' => '1' );
2009-05-31 07:34:08 -04:00
} elseif ( $settings && preg_match ( '/__i__|%i%/' , key ( $settings ) ) ) {
if ( ! $multi_number )
die ( $error );
$_POST [ 'widget-' . $id_base ] = array ( $multi_number => array_shift ( $settings ) );
$widget_id = $id_base . '-' . $multi_number ;
$sidebar [] = $widget_id ;
2009-04-11 10:37:24 -04:00
}
2009-05-22 08:08:51 -04:00
$_POST [ 'widget-id' ] = $sidebar ;
2009-04-11 10:37:24 -04:00
foreach ( ( array ) $wp_registered_widget_updates as $name => $control ) {
2009-05-22 08:08:51 -04:00
2009-04-11 10:37:24 -04:00
if ( $name == $id_base ) {
if ( ! is_callable ( $control [ 'callback' ] ) )
continue ;
ob_start ();
call_user_func_array ( $control [ 'callback' ], $control [ 'params' ] );
ob_end_clean ();
break ;
}
}
2009-05-22 08:08:51 -04:00
if ( isset ( $_POST [ 'delete_widget' ]) && $_POST [ 'delete_widget' ] ) {
$sidebars [ $sidebar_id ] = $sidebar ;
wp_set_sidebars_widgets ( $sidebars );
echo " deleted: $widget_id " ;
die ();
}
2009-05-24 19:47:49 -04:00
2009-05-31 07:34:08 -04:00
if ( ! empty ( $_POST [ 'add_new' ]) )
die ();
if ( $form = $wp_registered_widget_controls [ $widget_id ] )
call_user_func_array ( $form [ 'callback' ], $form [ 'params' ] );
2009-09-10 18:07:33 -04:00
die ();
break ;
2009-09-23 21:54:07 -04:00
case 'image-editor' :
$attachment_id = intval ( $_POST [ 'postid' ]);
if ( empty ( $attachment_id ) || ! current_user_can ( 'edit_post' , $attachment_id ) )
2009-09-10 18:07:33 -04:00
die ( '-1' );
2009-09-23 21:54:07 -04:00
check_ajax_referer ( " image_editor- $attachment_id " );
2009-09-10 18:07:33 -04:00
include_once ( ABSPATH . 'wp-admin/includes/image-edit.php' );
2009-09-23 21:54:07 -04:00
$msg = false ;
switch ( $_POST [ 'do' ] ) {
case 'save' :
$msg = wp_save_image ( $attachment_id );
$msg = json_encode ( $msg );
die ( $msg );
break ;
case 'scale' :
$msg = wp_save_image ( $attachment_id );
break ;
case 'restore' :
$msg = wp_restore_image ( $attachment_id );
break ;
}
2009-09-10 18:07:33 -04:00
2009-09-23 21:54:07 -04:00
wp_image_editor ( $attachment_id , $msg );
2009-05-31 07:34:08 -04:00
die ();
2009-04-11 10:37:24 -04:00
break ;
2009-10-07 18:18:09 -04:00
case 'set-post-thumbnail' :
2010-05-18 18:14:52 -04:00
$post_ID = intval ( $_POST [ 'post_id' ] );
if ( ! current_user_can ( 'edit_post' , $post_ID ) )
2009-10-07 18:18:09 -04:00
die ( '-1' );
$thumbnail_id = intval ( $_POST [ 'thumbnail_id' ] );
2009-10-15 08:57:16 -04:00
2010-05-18 18:14:52 -04:00
check_ajax_referer ( " set_post_thumbnail- $post_ID " );
2010-05-18 18:08:49 -04:00
2009-10-15 08:57:16 -04:00
if ( $thumbnail_id == '-1' ) {
2011-09-24 15:31:38 -04:00
if ( delete_post_thumbnail ( $post_ID ) )
die ( _wp_post_thumbnail_html () );
else
die ( '0' );
2009-10-15 08:57:16 -04:00
}
2010-11-15 12:59:25 -05:00
if ( set_post_thumbnail ( $post_ID , $thumbnail_id ) )
die ( _wp_post_thumbnail_html ( $thumbnail_id ) );
2009-10-07 18:18:09 -04:00
die ( '0' );
2010-04-27 22:04:30 -04:00
break ;
2010-10-07 23:29:57 -04:00
case 'date_format' :
die ( date_i18n ( sanitize_option ( 'date_format' , $_POST [ 'date' ] ) ) );
break ;
case 'time_format' :
die ( date_i18n ( sanitize_option ( 'time_format' , $_POST [ 'date' ] ) ) );
break ;
2011-04-24 21:01:34 -04:00
case 'wp-fullscreen-save-post' :
if ( isset ( $_POST [ 'post_ID' ]) )
$post_id = ( int ) $_POST [ 'post_ID' ];
else
$post_id = 0 ;
$post = null ;
$post_type_object = null ;
$post_type = null ;
if ( $post_id ) {
$post = get_post ( $post_id );
if ( $post ) {
$post_type_object = get_post_type_object ( $post -> post_type );
if ( $post_type_object ) {
$post_type = $post -> post_type ;
$current_screen -> post_type = $post -> post_type ;
$current_screen -> id = $current_screen -> post_type ;
}
}
} elseif ( isset ( $_POST [ 'post_type' ]) ) {
$post_type_object = get_post_type_object ( $_POST [ 'post_type' ]);
if ( $post_type_object ) {
$post_type = $post_type_object -> name ;
$current_screen -> post_type = $post_type ;
$current_screen -> id = $current_screen -> post_type ;
}
}
check_ajax_referer ( 'update-' . $post_type . '_' . $post_id , '_wpnonce' );
$post_id = edit_post ();
if ( is_wp_error ( $post_id ) ) {
if ( $post_id -> get_error_message () )
$message = $post_id -> get_error_message ();
else
$message = __ ( 'Save failed' );
echo json_encode ( array ( 'message' => $message , 'last_edited' => '' ) );
die ();
} else {
$message = __ ( 'Saved.' );
}
if ( $post ) {
$last_date = mysql2date ( get_option ( 'date_format' ), $post -> post_modified );
$last_time = mysql2date ( get_option ( 'time_format' ), $post -> post_modified );
} else {
$last_date = date_i18n ( get_option ( 'date_format' ) );
$last_time = date_i18n ( get_option ( 'time_format' ) );
}
if ( $last_id = get_post_meta ( $post_id , '_edit_last' , true ) ) {
$last_user = get_userdata ( $last_id );
$last_edited = sprintf ( __ ( 'Last edited by %1$s on %2$s at %3$s' ), esc_html ( $last_user -> display_name ), $last_date , $last_time );
} else {
$last_edited = sprintf ( __ ( 'Last edited on %1$s at %2$s' ), $last_date , $last_time );
}
echo json_encode ( array ( 'message' => $message , 'last_edited' => $last_edited ) );
die ();
break ;
2011-09-27 16:52:07 -04:00
case 'wp-remove-post-lock' :
if ( empty ( $_POST [ 'post_ID' ] ) || empty ( $_POST [ 'active_post_lock' ] ) )
die ( '0' );
$post_id = ( int ) $_POST [ 'post_ID' ];
if ( ! $post = get_post ( $post_id ) )
die ( '0' );
check_ajax_referer ( 'update-' . $post -> post_type . '_' . $post_id );
if ( ! current_user_can ( 'edit_post' , $post_id ) )
die ( '-1' );
$active_lock = array_map ( 'absint' , explode ( ':' , $_POST [ 'active_post_lock' ] ) );
if ( $active_lock [ 1 ] != get_current_user_id () )
die ( '0' );
$new_lock = ( time () - apply_filters ( 'wp_check_post_lock_window' , AUTOSAVE_INTERVAL * 2 ) + 5 ) . ':' . $active_lock [ 1 ];
update_post_meta ( $post_id , '_edit_lock' , $new_lock , implode ( ':' , $active_lock ) );
die ( '1' );
2006-03-28 20:51:55 -05:00
default :
2006-07-25 15:01:52 -04:00
do_action ( 'wp_ajax_' . $_POST [ 'action' ] );
2006-03-28 20:51:55 -05:00
die ( '0' );
break ;
endswitch ;
2008-10-16 17:59:06 -04:00
?>