Do not stomp permalink setting. Bug 372.

git-svn-id: http://svn.automattic.com/wordpress/trunk@1810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-10-18 04:50:08 +00:00 · 2004-10-18 04:50:08 +00:00 · 4568e83625
parent 667912ce0e
commit 4568e83625
11 changed files with 123 additions and 174 deletions
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@ -622,4 +622,49 @@ function parent_dropdown($default = 0, $parent = 0, $level = 0) {
 	}
 }

+function user_can_access_admin_page() {
+	global $parent_file;
+	global $pagenow;
+	global $menu;
+	global $submenu;
+	global $user_level;
+
+	if (! isset($parent_file)) {
+		$parent = $pagenow;
+	} else {
+		$parent = $parent_file;
+	}
+
+	foreach ($menu as $menu_array) {
+		//echo "parent array: " . $menu_array[2];
+		if ($menu_array[2] == $parent) {
+			if ($user_level < $menu_array[1]) {
+				return false;
+			} else {
+				break;
+			}
+		}
+	}
+
+	if (isset($submenu[$parent])) {
+		foreach ($submenu[$parent] as $submenu_array) {
+			if ($submenu_array[2] == $pagenow) {
+				if ($user_level < $submenu_array[1]) {
+					return false;
+				} else {
+					return true;
+				}
+			}
+		}
+	}
+	
+	return true;
+}
+
+function add_options_menu($title, $access_level, $file) {
+	global $submenu;
+	
+	$submenu['options-general.php'][] = array($title, $access_level, $file);
+}
+
 ?>
--- a/wp-admin/admin-header.php
+++ b/wp-admin/admin-header.php
@ -1,6 +1,15 @@
 <?php

-require_once('../wp-config.php');
+if (strstr($_SERVER['PHP_SELF'], 'plugins/')) {
+	$wp_admin_path = '../../wp-admin/';
+	$wp_path = '../../';
+} else {
+	$wp_admin_path = './';
+	$wp_path = '../';
+}
+
+require_once($wp_path . 'wp-config.php');
+
 require_once(ABSPATH . '/wp-admin/auth.php');
 require(ABSPATH . '/wp-admin/admin-functions.php');

@ -38,8 +47,8 @@ if ($standalone == 0) :
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <title><?php bloginfo('name') ?> &rsaquo; <?php echo $title; ?> &#8212; WordPress</title>
-<link rel="stylesheet" href="wp-admin.css" type="text/css" />
-<link rel="shortcut icon" href="../wp-images/wp-favicon.png" />
+<link rel="stylesheet" href="<?php echo $wp_admin_path; ?>wp-admin.css" type="text/css" />
+<link rel="shortcut icon" href="<?php echo $wp_path; ?>wp-images/wp-favicon.png" />
 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo get_settings('blog_charset'); ?>" />

 <?php if (isset($xfn)) : ?>
@ -110,6 +119,6 @@ window.onload = blurry;
 </div>

 <?php
-require('./menu.php');
+require(ABSPATH . '/wp-admin/menu.php');
 endif;
 ?>
--- a/wp-admin/auth.php
+++ b/wp-admin/auth.php
@ -1,5 +1,5 @@
 <?php
-require_once('../wp-config.php');
+require_once(ABSPATH . '/wp-config.php');

 if ( (!empty($_COOKIE['wordpressuser_' . COOKIEHASH]) && !wp_login($_COOKIE['wordpressuser_' . COOKIEHASH], $_COOKIE['wordpresspass_' . COOKIEHASH], true))
 	|| (empty($_COOKIE['wordpressuser_' . COOKIEHASH])) ) {
--- a/wp-admin/menu.php
+++ b/wp-admin/menu.php
@ -43,7 +43,15 @@ $submenu['themes.php'][5] = array(__('Themes'), 5, 'themes.php');
 $submenu['themes.php'][10] = array(__('Theme Editor'), 5, 'theme-editor.php');
 $submenu['themes.php'][15] = array(__('Other Files'), 5, 'templates.php');

-$self = preg_replace('|.*/wp-admin/|i', '', $_SERVER['PHP_SELF']);
+do_action('admin_menu', '');
+
+if (! user_can_access_admin_page()) {
+	die( __('You have do not have sufficient permissions to access this page.') );
+}
+
+$self = preg_replace('|^.*/wp-admin/|i', '', $_SERVER['PHP_SELF']);
+$self = preg_replace('|^.*/plugins/|i', '', $self);
+
 if (!isset($parent_file)) $parent_file = '';
 foreach ($menu as $item) {
 	$class = '';
@ -57,7 +65,7 @@ foreach ($menu as $item) {
 get_settings('use_fileupload') && 
 ($user_level >= get_settings('fileupload_minlevel'))
             ) || 'upload.php' != $item[2])
-            echo "\n\t<li><a href='{$item[2]}'$class>{$item[0]}</a></li>";
+					echo "\n\t<li><a href='" . get_settings('siteurl') . "/wp-admin/{$item[2]}'$class>{$item[0]}</a></li>";
    }
 }

@ -73,9 +81,13 @@ if ( isset($submenu["$parent_file"]) ) :
 <ul id="adminmenu2">
 <?php 
 foreach ($submenu["$parent_file"] as $item) : 
+	 if ($user_level < $item[1]) {
+		 continue;
+	 }
+
 	if ( substr($self, -10) == substr($item[2], -10) ) $class = ' class="current"';
 	else $class = '';
-	echo "\n\t<li><a href='{$item[2]}'$class>{$item[0]}</a></li>";
+	echo "\n\t<li><a href='" . get_settings('siteurl') . "/wp-admin/{$item[2]}'$class>{$item[0]}</a></li>";
 endforeach;
 ?>

--- a/wp-admin/options-discussion.php
+++ b/wp-admin/options-discussion.php
@ -2,43 +2,6 @@
 require_once('../wp-includes/wp-l10n.php');

 $title = __('Discussion Options');
-$parent_file = 'options-general.php';
-
-function add_magic_quotes($array) {
-	foreach ($array as $k => $v) {
-		if (is_array($v)) {
-			$array[$k] = add_magic_quotes($v);
-		} else {
-			$array[$k] = addslashes($v);
-		}
-	}
-	return $array;
-}
-
-if (!get_magic_quotes_gpc()) {
-	$_GET    = add_magic_quotes($_GET);
-	$_POST   = add_magic_quotes($_POST);
-	$_COOKIE = add_magic_quotes($_COOKIE);
-}
-
-$wpvarstoreset = array('action','standalone', 'option_group_id');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
-
-$standalone = 0;
-include_once('admin-header.php');
 include('options-head.php');

 if ($action == 'retrospam') {
--- a/wp-admin/options-general.php
+++ b/wp-admin/options-general.php
@ -2,44 +2,7 @@
 require_once('../wp-includes/wp-l10n.php');

 $title = __('General Options');
-$parent_file = 'options-general.php';

-function add_magic_quotes($array) {
-	foreach ($array as $k => $v) {
-		if (is_array($v)) {
-			$array[$k] = add_magic_quotes($v);
-		} else {
-			$array[$k] = addslashes($v);
-		}
-	}
-	return $array;
-}
-
-if (!get_magic_quotes_gpc()) {
-	$_GET    = add_magic_quotes($_GET);
-	$_POST   = add_magic_quotes($_POST);
-	$_COOKIE = add_magic_quotes($_COOKIE);
-}
-
-$wpvarstoreset = array('action','standalone', 'option_group_id');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
-
-
-$standalone = 0;
-include_once('admin-header.php');
 include('options-head.php');
 ?>
 
--- a/wp-admin/options-head.php
+++ b/wp-admin/options-head.php
@ -1,8 +1,42 @@
 <?php

-if ($user_level <= 6) {
-	die( __('You have do not have sufficient permissions to edit the options for this blog.') );
+$parent_file = 'options-general.php';
+
+function add_magic_quotes($array) {
+	foreach ($array as $k => $v) {
+		if (is_array($v)) {
+			$array[$k] = add_magic_quotes($v);
+		} else {
+			$array[$k] = addslashes($v);
+		}
+	}
+	return $array;
 }
+
+if (!get_magic_quotes_gpc()) {
+	$_GET    = add_magic_quotes($_GET);
+	$_POST   = add_magic_quotes($_POST);
+	$_COOKIE = add_magic_quotes($_COOKIE);
+}
+
+$wpvarstoreset = array('action','standalone', 'option_group_id');
+for ($i=0; $i<count($wpvarstoreset); $i += 1) {
+	$wpvar = $wpvarstoreset[$i];
+	if (!isset($$wpvar)) {
+		if (empty($_POST["$wpvar"])) {
+			if (empty($_GET["$wpvar"])) {
+				$$wpvar = '';
+			} else {
+				$$wpvar = $_GET["$wpvar"];
+			}
+		} else {
+			$$wpvar = $_POST["$wpvar"];
+		}
+	}
+}
+
+$standalone = 0;
+include_once('admin-header.php');
 ?>

 <br clear="all" />
--- a/wp-admin/options-misc.php
+++ b/wp-admin/options-misc.php
@ -2,44 +2,6 @@
 require_once('../wp-includes/wp-l10n.php');

 $title = __('Miscellaneous Options');
-$parent_file = 'options-general.php';
-
-function add_magic_quotes($array) {
-	foreach ($array as $k => $v) {
-		if (is_array($v)) {
-			$array[$k] = add_magic_quotes($v);
-		} else {
-			$array[$k] = addslashes($v);
-		}
-	}
-	return $array;
-}
-
-if (!get_magic_quotes_gpc()) {
-	$_GET    = add_magic_quotes($_GET);
-	$_POST   = add_magic_quotes($_POST);
-	$_COOKIE = add_magic_quotes($_COOKIE);
-}
-
-$wpvarstoreset = array('action','standalone');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
-
-
-$standalone = 0;
-include_once('admin-header.php');
 include('options-head.php');
 ?>
 
--- a/wp-admin/options-permalink.php
+++ b/wp-admin/options-permalink.php
@ -6,7 +6,8 @@ $parent_file = 'options-general.php';

 require_once('./admin-header.php');
 if ($user_level <= 8)
-	die(__('You have do not have sufficient permissions to edit the options for this blog.'));
+	die(__('You have do not have sufficient permissions to edit the options
+for this blog.'));

 require('./options-head.php');

@ -21,20 +22,21 @@ if ( $home != '' && $home != get_settings('siteurl') ) {
 }

 if ( isset($_POST) ) {
-	if ( $_POST['permalink_structure'] )
-		$permalink_structure = preg_replace('#/+#', '/', '/' . $_POST['permalink_structure']);
-	else
+	if ( isset($_POST['permalink_structure']) ) {
 		$permalink_structure = $_POST['permalink_structure'];
+		if (! empty($permalink_structure) )
+			$permalink_structure = preg_replace('#/+#', '/', '/' . $_POST['permalink_structure']);
+		update_option('permalink_structure', $permalink_structure);
+	}
 	
-	if ( $_POST['category_base'] )
-		$category_base = preg_replace('#/+#', '/', '/' . $_POST['category_base']);
-	else
+	if ( isset($_POST['category_base']) ) {
 		$category_base = $_POST['category_base'];
-	
-	update_option('permalink_structure', $permalink_structure);
-	update_option('category_base', $category_base);
+		if (! empty($category_base) )
+			$category_base = preg_replace('#/+#', '/', '/' . $_POST['category_base']);
+		update_option('category_base', $category_base);
+	}
 }
-
+	
 $permalink_structure = get_settings('permalink_structure');
 $category_base = get_settings('category_base');

--- a/wp-admin/options-reading.php
+++ b/wp-admin/options-reading.php
@ -2,43 +2,6 @@
 require_once('../wp-includes/wp-l10n.php');

 $title = __('Reading Options');
-$parent_file = 'options-general.php';
-
-function add_magic_quotes($array) {
-	foreach ($array as $k => $v) {
-		if (is_array($v)) {
-			$array[$k] = add_magic_quotes($v);
-		} else {
-			$array[$k] = addslashes($v);
-		}
-	}
-	return $array;
-}
-
-if (!get_magic_quotes_gpc()) {
-	$_GET    = add_magic_quotes($_GET);
-	$_POST   = add_magic_quotes($_POST);
-	$_COOKIE = add_magic_quotes($_COOKIE);
-}
-
-$wpvarstoreset = array('action','standalone', 'option_group_id');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
-
-$standalone = 0;
-include_once('admin-header.php');
 include('options-head.php');
 ?>

--- a/wp-admin/options-writing.php
+++ b/wp-admin/options-writing.php
@ -2,10 +2,6 @@
 require_once('../wp-includes/wp-l10n.php');

 $title = __('Writing Options');
-$parent_file = 'options-general.php';
-
-$standalone = 0;
-include_once('./admin-header.php');
 include('./options-head.php');
 ?>