Strip slashes of draft titles, XHTML and formatting updates.
git-svn-id: http://svn.automattic.com/wordpress/trunk@198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
1aaef103e2
commit
69c2ef5a35
|
@ -17,7 +17,8 @@ switch($action) {
|
|||
$form_pingback = '';
|
||||
}
|
||||
if ($use_trackback) {
|
||||
$form_trackback = '<p><label for="trackback"><strong>TrackBack</strong> an <acronym title="Uniform Resource Locator">URL</acronym>:</label> (Seperate multiple URLs with commas.)<br /><input type="text" name="trackback_url" style="width: 415px" id="trackback" /></p>';
|
||||
$form_trackback = '<p><label for="trackback"><strong>TrackBack</strong> an <acronym title="Uniform Resource Locator">URL</acronym>:</label> (Seperate multiple <acronym title="Uniform Resource Locator">URL</acronym>s with commas.)<br />
|
||||
<input type="text" name="trackback_url" style="width: 415px" id="trackback" /></p>';
|
||||
} else {
|
||||
$form_trackback = '';
|
||||
}
|
||||
|
@ -25,7 +26,7 @@ switch($action) {
|
|||
break;
|
||||
case "edit":
|
||||
$submitbutton_text = 'Edit this!';
|
||||
$toprow_title = 'Editing Post #' . $postdata["ID"];
|
||||
$toprow_title = 'Editing Post #' . $postdata['ID'];
|
||||
$form_action = 'editpost';
|
||||
$form_extra = "' />\n<input type='hidden' name='post_ID' value='$post";
|
||||
$colspan = 2;
|
||||
|
@ -35,7 +36,7 @@ switch($action) {
|
|||
break;
|
||||
case "editcomment":
|
||||
$submitbutton_text = 'Edit this!';
|
||||
$toprow_title = 'Editing Comment # '.$commentdata["comment_ID"];
|
||||
$toprow_title = 'Editing Comment # '.$commentdata['comment_ID'];
|
||||
$form_action = 'editedcomment';
|
||||
$form_extra = "' />\n<input type='hidden' name='comment_ID' value='$comment' />\n<input type='hidden' name='comment_post_ID' value='".$commentdata["comment_post_ID"];
|
||||
$colspan = 3;
|
||||
|
@ -46,7 +47,7 @@ switch($action) {
|
|||
|
||||
?>
|
||||
|
||||
<form name="post" action="b2edit.php" method="POST">
|
||||
<form name="post" action="b2edit.php" method="post">
|
||||
<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
|
||||
<input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />
|
||||
|
||||
|
@ -55,37 +56,44 @@ switch($action) {
|
|||
?>
|
||||
|
||||
<table>
|
||||
<tr>
|
||||
<td width="210"> <label for="title">Title:</label> <br /> <input type="text" name="post_title" size="25" tabindex="1" style="width: 190px;" value="<?php echo $edited_post_title; ?>" id="title" />
|
||||
</td>
|
||||
<td> <label for="category">Category :</label> <br />
|
||||
<?php dropdown_categories(); ?>
|
||||
</td>
|
||||
<td><label for="post_status">Post Status:</label><br />
|
||||
|
||||
<select name="post_status" id="post_status">
|
||||
<option value="publish"<?php selected($post_status, 'publish'); ?>>Publish</option>
|
||||
<option value="draft"<?php selected($post_status, 'draft'); ?>>Draft</option>
|
||||
<option value="private"<?php selected($post_status, 'private'); ?>>Private</option>
|
||||
</select> </td>
|
||||
<td><label for="comment_status">Comments:</label><br />
|
||||
|
||||
<select name="comment_status" id="comment_status">
|
||||
<option value="open"<?php selected($comment_status, 'open'); ?>>Open</option>
|
||||
<option value="closed"<?php selected($comment_status, 'closed'); ?>>Closed</option>
|
||||
</select> </td>
|
||||
<td><label for="ping_status">Pings:</label><br />
|
||||
|
||||
<select name="ping_status" id="ping_status">
|
||||
<option value="open"<?php selected($ping_status, 'open'); ?>>Open</option>
|
||||
<option value="closed"<?php selected($ping_status, 'open'); ?>>Closed</option>
|
||||
</select></td>
|
||||
<td><label for="post_password">Post Password:</label>
|
||||
<br />
|
||||
<input name="post_password" type="text" id="post_password" value="<?php echo $post_password ?>" /> </td>
|
||||
</tr>
|
||||
</table>
|
||||
<?php
|
||||
<tr>
|
||||
<td width="210">
|
||||
<label for="title">Title:</label><br />
|
||||
<input type="text" name="post_title" size="25" tabindex="1" style="width: 190px;" value="<?php echo $edited_post_title; ?>" id="title" />
|
||||
</td>
|
||||
<td>
|
||||
<label for="category">Category:</label><br />
|
||||
<?php dropdown_categories(); ?>
|
||||
</td>
|
||||
<td>
|
||||
<label for="post_status">Post Status:</label><br />
|
||||
<select name="post_status" id="post_status">
|
||||
<option value="publish"<?php selected($post_status, 'publish'); ?>>Publish</option>
|
||||
<option value="draft"<?php selected($post_status, 'draft'); ?>>Draft</option>
|
||||
<option value="private"<?php selected($post_status, 'private'); ?>>Private</option>
|
||||
</select>
|
||||
</td>
|
||||
<td>
|
||||
<label for="comment_status">Comments:</label><br />
|
||||
<select name="comment_status" id="comment_status">
|
||||
<option value="open"<?php selected($comment_status, 'open'); ?>>Open</option>
|
||||
<option value="closed"<?php selected($comment_status, 'closed'); ?>>Closed</option>
|
||||
</select>
|
||||
</td>
|
||||
<td>
|
||||
<label for="ping_status">Pings:</label><br />
|
||||
<select name="ping_status" id="ping_status">
|
||||
<option value="open"<?php selected($ping_status, 'open'); ?>>Open</option>
|
||||
<option value="closed"<?php selected($ping_status, 'open'); ?>>Closed</option>
|
||||
</select>
|
||||
</td>
|
||||
<td>
|
||||
<label for="post_password">Post Password:</label><br />
|
||||
<input name="post_password" type="text" id="post_password" value="<?php echo $post_password ?>" />
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<?php
|
||||
|
||||
} else {
|
||||
|
||||
|
@ -94,30 +102,30 @@ switch($action) {
|
|||
<table>
|
||||
<tr>
|
||||
<td>
|
||||
<label for="name">Name:</label>
|
||||
<br />
|
||||
<input type="text" name="newcomment_author" size="22" value="<?php echo format_to_edit($commentdata["comment_author"]) ?>" tabindex="1" id="name" /></td>
|
||||
<label for="name">Name:</label><br />
|
||||
<input type="text" name="newcomment_author" size="22" value="<?php echo format_to_edit($commentdata['comment_author']) ?>" tabindex="1" id="name" /></td>
|
||||
<td>
|
||||
<label for="email">E-mail:</label>
|
||||
<br />
|
||||
<input type="text" name="newcomment_author_email" size="30" value="<?php echo format_to_edit($commentdata["comment_author_email"]) ?>" tabindex="2" id="email" /></td>
|
||||
<label for="email">E-mail:</label><br />
|
||||
<input type="text" name="newcomment_author_email" size="30" value="<?php echo format_to_edit($commentdata['comment_author_email']) ?>" tabindex="2" id="email" />
|
||||
</td>
|
||||
<td>
|
||||
<label for="URL">URL:</label>
|
||||
<br />
|
||||
<input type="text" name="newcomment_author_url" size="35" value="<?php echo format_to_edit($commentdata["comment_author_url"]) ?>" tabindex="3" id="URL" /></td>
|
||||
<label for="URL">URL:</label><br />
|
||||
<input type="text" name="newcomment_author_url" size="35" value="<?php echo format_to_edit($commentdata['comment_author_url']) ?>" tabindex="3" id="URL" />
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<?php
|
||||
<?php
|
||||
|
||||
} // end else comment editing
|
||||
|
||||
?>
|
||||
?>
|
||||
|
||||
<?php
|
||||
if ($action != 'editcomment') {
|
||||
echo '<label for="excerpt">Excerpt:</label>';
|
||||
echo '<p><label for="excerpt">Excerpt:</label><br />';
|
||||
?>
|
||||
<p><textarea rows="3" cols="40" style="width:100%" name="excerpt" tabindex="4" wrap="virtual" id="excerpt"><?php echo $excerpt ?></textarea></p>
|
||||
|
||||
<textarea rows="3" cols="40" style="width:100%" name="excerpt" tabindex="4" wrap="virtual" id="excerpt"><?php echo $excerpt ?></textarea></p>
|
||||
|
||||
<?php
|
||||
} // if not a comment
|
||||
|
@ -129,7 +137,7 @@ if ($action != 'editcomment') {
|
|||
if ($action != 'editcomment') {
|
||||
echo '<label for="content">Post:</label>';
|
||||
} else {
|
||||
echo '<br /><label for="content">Comment:</label>';
|
||||
echo '<label for="content">Comment:</label>';
|
||||
}
|
||||
?>
|
||||
</td>
|
||||
|
|
|
@ -39,42 +39,46 @@ switch($action) {
|
|||
|
||||
case 'post':
|
||||
|
||||
$standalone = 1;
|
||||
require_once('b2header.php');
|
||||
$standalone = 1;
|
||||
require_once('b2header.php');
|
||||
|
||||
$post_pingback = intval($HTTP_POST_VARS["post_pingback"]);
|
||||
$content = balanceTags($HTTP_POST_VARS["content"]);
|
||||
$content = format_to_post($content);
|
||||
$excerpt = balanceTags($HTTP_POST_VARS["excerpt"]);
|
||||
$excerpt = format_to_post($excerpt);
|
||||
$post_title = addslashes($HTTP_POST_VARS["post_title"]);
|
||||
$post_category = intval($HTTP_POST_VARS["post_category"]);
|
||||
$post_status = $HTTP_POST_VARS['post_status'];
|
||||
$comment_status = $HTTP_POST_VARS['comment_status'];
|
||||
$ping_status = $HTTP_POST_VARS['ping_status'];
|
||||
$post_password = addslashes($HTTP_POST_VARS['post_password']);
|
||||
$post_pingback = intval($HTTP_POST_VARS['post_pingback']);
|
||||
$content = balanceTags($HTTP_POST_VARS['content']);
|
||||
$content = format_to_post($content);
|
||||
$excerpt = balanceTags($HTTP_POST_VARS['excerpt']);
|
||||
$excerpt = format_to_post($excerpt);
|
||||
$post_title = addslashes($HTTP_POST_VARS['post_title']);
|
||||
$post_category = intval($HTTP_POST_VARS['post_category']);
|
||||
$post_status = $HTTP_POST_VARS['post_status'];
|
||||
$comment_status = $HTTP_POST_VARS['comment_status'];
|
||||
$ping_status = $HTTP_POST_VARS['ping_status'];
|
||||
$post_password = addslashes($HTTP_POST_VARS['post_password']);
|
||||
|
||||
if ($user_level == 0)
|
||||
die ("Cheatin' uh ?");
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
if (($user_level > 4) && (!empty($HTTP_POST_VARS["edit_date"]))) {
|
||||
$aa = $HTTP_POST_VARS["aa"];
|
||||
$mm = $HTTP_POST_VARS["mm"];
|
||||
$jj = $HTTP_POST_VARS["jj"];
|
||||
$hh = $HTTP_POST_VARS["hh"];
|
||||
$mn = $HTTP_POST_VARS["mn"];
|
||||
$ss = $HTTP_POST_VARS["ss"];
|
||||
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
|
||||
$aa = $HTTP_POST_VARS['aa'];
|
||||
$mm = $HTTP_POST_VARS['mm'];
|
||||
$jj = $HTTP_POST_VARS['jj'];
|
||||
$hh = $HTTP_POST_VARS['hh'];
|
||||
$mn = $HTTP_POST_VARS['mn'];
|
||||
$ss = $HTTP_POST_VARS['ss'];
|
||||
$jj = ($jj > 31) ? 31 : $jj;
|
||||
$hh = ($hh > 23) ? $hh - 24 : $hh;
|
||||
$mn = ($mn > 59) ? $mn - 60 : $mn;
|
||||
$ss = ($ss > 59) ? $ss - 60 : $ss;
|
||||
$now = "$aa-$mm-$jj $hh:$mn:$ss";
|
||||
} else {
|
||||
$now = date("Y-m-d H:i:s", (time() + ($time_difference * 3600)));
|
||||
$now = date('Y-m-d H:i:s', (time() + ($time_difference * 3600)));
|
||||
}
|
||||
|
||||
$query = "INSERT INTO $tableposts (ID, post_author, post_date, post_content, post_title, post_category, post_excerpt, post_status, comment_status, ping_status, post_password) VALUES ('0','$user_ID','$now','$content','$post_title','$post_category','$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password')";
|
||||
$result = $wpdb->query($query);
|
||||
$result = $wpdb->query("
|
||||
INSERT INTO $tableposts
|
||||
(ID, post_author, post_date, post_content, post_title, post_category, post_excerpt, post_status, comment_status, ping_status, post_password)
|
||||
VALUES
|
||||
('0','$user_ID','$now','$content','$post_title','$post_category','$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password')
|
||||
");
|
||||
|
||||
$post_ID = $wpdb->get_var("SELECT ID FROM $tableposts ORDER BY ID DESC LIMIT 1");
|
||||
|
||||
|
@ -92,7 +96,7 @@ switch($action) {
|
|||
}
|
||||
|
||||
if (!empty($HTTP_POST_VARS['trackback_url'])) {
|
||||
$excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252).'...' : strip_tags($content);
|
||||
$excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252) . '...' : strip_tags($content);
|
||||
$excerpt = stripslashes($excerpt);
|
||||
$trackback_urls = explode(',', $HTTP_POST_VARS['trackback_url']);
|
||||
foreach($trackback_urls as $tb_url) {
|
||||
|
@ -102,20 +106,20 @@ switch($action) {
|
|||
}
|
||||
} // end if publish
|
||||
|
||||
if (!empty($HTTP_POST_VARS["mode"])) {
|
||||
switch($HTTP_POST_VARS["mode"]) {
|
||||
case "bookmarklet":
|
||||
$location="b2bookmarklet.php?a=b";
|
||||
if (!empty($HTTP_POST_VARS['mode'])) {
|
||||
switch($HTTP_POST_VARS['mode']) {
|
||||
case 'bookmarklet':
|
||||
$location = 'b2bookmarklet.php?a=b';
|
||||
break;
|
||||
case "sidebar":
|
||||
$location="b2sidebar.php?a=b";
|
||||
case 'sidebar':
|
||||
$location = 'b2sidebar.php?a=b';
|
||||
break;
|
||||
default:
|
||||
$location="b2edit.php";
|
||||
$location = 'b2edit.php';
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
$location="b2edit.php";
|
||||
$location = 'b2edit.php';
|
||||
}
|
||||
header("Location: $location");
|
||||
exit();
|
||||
|
@ -128,16 +132,16 @@ switch($action) {
|
|||
|
||||
$post = $HTTP_GET_VARS['post'];
|
||||
if ($user_level > 0) {
|
||||
$postdata = get_postdata($post);
|
||||
$authordata = get_userdata($postdata["Author_ID"]);
|
||||
if ($user_level < $authordata->user_level)
|
||||
die ('You don’t have the right to edit <strong>'.$authordata[1].'</strong>’s posts.');
|
||||
$postdata = get_postdata($post);
|
||||
$authordata = get_userdata($postdata['Author_ID']);
|
||||
if ($user_level < $authordata->user_level)
|
||||
die ('You don’t have the right to edit <strong>'.$authordata[1].'</strong>’s posts.');
|
||||
|
||||
$content = $postdata['Content'];
|
||||
$content = format_to_edit($content);
|
||||
$excerpt = $postdata['Excerpt'];
|
||||
$excerpt = format_to_edit($excerpt);
|
||||
$edited_post_title = format_to_edit($postdata['Title']);
|
||||
$content = $postdata['Content'];
|
||||
$content = format_to_edit($content);
|
||||
$excerpt = $postdata['Excerpt'];
|
||||
$excerpt = format_to_edit($excerpt);
|
||||
$edited_post_title = format_to_edit($postdata['Title']);
|
||||
$post_status = $postdata['post_status'];
|
||||
$comment_status = $postdata['comment_status'];
|
||||
$ping_status = $postdata['ping_status'];
|
||||
|
@ -146,48 +150,48 @@ switch($action) {
|
|||
include('b2edit.form.php');
|
||||
} else {
|
||||
?>
|
||||
<p>Since you're a newcomer, you'll have to wait for an admin to raise your level to 1,
|
||||
<p>Since you’re a newcomer, you’ll have to wait for an admin to raise your level to 1,
|
||||
in order to be authorized to post.<br />
|
||||
You can also <a href="mailto:<?php echo $admin_email ?>?subject=b2-promotion">e-mail the admin</a>
|
||||
You can also <a href="mailto:<?php echo $admin_email ?>?subject=Promotion?">e-mail the admin</a>
|
||||
to ask for a promotion.<br />
|
||||
When you're promoted, just reload this page and you'll be able to blog. :)
|
||||
When you’re promoted, just reload this page and you’ll be able to blog. :)
|
||||
</p>
|
||||
<?php
|
||||
}
|
||||
break;
|
||||
|
||||
case "editpost":
|
||||
case 'editpost':
|
||||
|
||||
$standalone = 1;
|
||||
require_once("./b2header.php");
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ("Cheatin' uh ?");
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
if (!isset($blog_ID)) {
|
||||
$blog_ID = 1;
|
||||
}
|
||||
$post_ID = $HTTP_POST_VARS["post_ID"];
|
||||
$post_category = intval($HTTP_POST_VARS["post_category"]);
|
||||
$post_autobr = intval($HTTP_POST_VARS["post_autobr"]);
|
||||
$content = balanceTags($HTTP_POST_VARS["content"]);
|
||||
$content = format_to_post($content);
|
||||
$excerpt = balanceTags($HTTP_POST_VARS["excerpt"]);
|
||||
$excerpt = format_to_post($excerpt);
|
||||
$post_title = addslashes($HTTP_POST_VARS["post_title"]);
|
||||
$post_status = $HTTP_POST_VARS['post_status'];
|
||||
$prev_status = $HTTP_POST_VARS['prev_status'];
|
||||
$comment_status = $HTTP_POST_VARS['comment_status'];
|
||||
$ping_status = $HTTP_POST_VARS['ping_status'];
|
||||
$post_password = addslashes($HTTP_POST_VARS['post_password']);
|
||||
$post_ID = $HTTP_POST_VARS['post_ID'];
|
||||
$post_category = intval($HTTP_POST_VARS['post_category']);
|
||||
$post_autobr = intval($HTTP_POST_VARS['post_autobr']);
|
||||
$content = balanceTags($HTTP_POST_VARS['content']);
|
||||
$content = format_to_post($content);
|
||||
$excerpt = balanceTags($HTTP_POST_VARS['excerpt']);
|
||||
$excerpt = format_to_post($excerpt);
|
||||
$post_title = addslashes($HTTP_POST_VARS['post_title']);
|
||||
$post_status = $HTTP_POST_VARS['post_status'];
|
||||
$prev_status = $HTTP_POST_VARS['prev_status'];
|
||||
$comment_status = $HTTP_POST_VARS['comment_status'];
|
||||
$ping_status = $HTTP_POST_VARS['ping_status'];
|
||||
$post_password = addslashes($HTTP_POST_VARS['post_password']);
|
||||
|
||||
if (($user_level > 4) && (!empty($HTTP_POST_VARS["edit_date"]))) {
|
||||
$aa = $HTTP_POST_VARS["aa"];
|
||||
$mm = $HTTP_POST_VARS["mm"];
|
||||
$jj = $HTTP_POST_VARS["jj"];
|
||||
$hh = $HTTP_POST_VARS["hh"];
|
||||
$mn = $HTTP_POST_VARS["mn"];
|
||||
$ss = $HTTP_POST_VARS["ss"];
|
||||
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
|
||||
$aa = $HTTP_POST_VARS['aa'];
|
||||
$mm = $HTTP_POST_VARS['mm'];
|
||||
$jj = $HTTP_POST_VARS['jj'];
|
||||
$hh = $HTTP_POST_VARS['hh'];
|
||||
$mn = $HTTP_POST_VARS['mn'];
|
||||
$ss = $HTTP_POST_VARS['ss'];
|
||||
$jj = ($jj > 31) ? 31 : $jj;
|
||||
$hh = ($hh > 23) ? $hh - 24 : $hh;
|
||||
$mn = ($mn > 59) ? $mn - 60 : $mn;
|
||||
|
@ -197,14 +201,24 @@ switch($action) {
|
|||
$datemodif = '';
|
||||
}
|
||||
|
||||
$query = "UPDATE $tableposts SET post_content='$content', post_excerpt='$excerpt', post_title='$post_title', post_category='$post_category'".$datemodif.", post_status='$post_status', comment_status='$comment_status', ping_status='$ping_status', post_password='$post_password' WHERE ID = $post_ID";
|
||||
$result = $wpdb->query($query);
|
||||
$result = $wpdb->query("
|
||||
UPDATE $tableposts SET
|
||||
post_content = '$content',
|
||||
post_excerpt = '$excerpt',
|
||||
post_title = '$post_title',
|
||||
post_category = '$post_category'".$datemodif.",
|
||||
post_status = '$post_status',
|
||||
comment_status = '$comment_status',
|
||||
ping_status = '$ping_status',
|
||||
post_password = '$post_password'
|
||||
WHERE ID = $post_ID
|
||||
");
|
||||
|
||||
if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
|
||||
sleep($sleep_after_edit);
|
||||
}
|
||||
|
||||
// are we going from draft/private to publishd?
|
||||
// are we going from draft/private to published?
|
||||
if ((($prev_status == 'draft') || ($prev_status == 'private')) && ($post_status == 'publish')) {
|
||||
pingWeblogs($blog_ID);
|
||||
pingCafelog($cafelogID, $post_title, $post_ID);
|
||||
|
@ -215,7 +229,7 @@ switch($action) {
|
|||
}
|
||||
|
||||
if (!empty($HTTP_POST_VARS['trackback_url'])) {
|
||||
$excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252).'...' : strip_tags($content);
|
||||
$excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252) . '...' : strip_tags($content);
|
||||
$excerpt = stripslashes($excerpt);
|
||||
$trackback_urls = explode(',', $HTTP_POST_VARS['trackback_url']);
|
||||
foreach($trackback_urls as $tb_url) {
|
||||
|
@ -229,34 +243,32 @@ switch($action) {
|
|||
header ($location);
|
||||
break;
|
||||
|
||||
case "delete":
|
||||
case 'delete':
|
||||
|
||||
$standalone = 1;
|
||||
require_once("./b2header.php");
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ("Cheatin' uh ?");
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
$post = $HTTP_GET_VARS['post'];
|
||||
$postdata=get_postdata($post) or die("Oops, no post with this ID. <a href=\"b2edit.php\">Go back</a> !");
|
||||
$authordata = get_userdata($postdata["Author_ID"]);
|
||||
$postdata = get_postdata($post) or die('Oops, no post with this ID. <a href="b2edit.php">Go back</a>!');
|
||||
$authordata = get_userdata($postdata['Author_ID']);
|
||||
|
||||
if ($user_level < $authordata->user_level)
|
||||
die ("You don't have the right to delete <b>".$authordata[1]."</b>'s posts.");
|
||||
die ('You don’t have the right to delete <strong>'.$authordata[1].'</strong>’s posts.');
|
||||
|
||||
$query = "DELETE FROM $tableposts WHERE ID=$post";
|
||||
$result = $wpdb->query($query);
|
||||
$result = $wpdb->query("DELETE FROM $tableposts WHERE ID=$post");
|
||||
if (!$result)
|
||||
die("Error in deleting... contact the <a href=\"mailto:$admin_email\">webmaster</a>...");
|
||||
die('Error in deleting... contact the <a href="mailto:$admin_email">webmaster</a>.');
|
||||
|
||||
$query = "DELETE FROM $tablecomments WHERE comment_post_ID=$post";
|
||||
$result = $wpdb->query($query);
|
||||
$result = $wpdb->query("DELETE FROM $tablecomments WHERE comment_post_ID=$post");
|
||||
|
||||
if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
|
||||
sleep($sleep_after_edit);
|
||||
}
|
||||
|
||||
//pingWeblogs($blog_ID);
|
||||
// pingWeblogs($blog_ID);
|
||||
|
||||
header ('Location: b2edit.php');
|
||||
|
||||
|
@ -282,32 +294,31 @@ switch($action) {
|
|||
|
||||
break;
|
||||
|
||||
case "deletecomment":
|
||||
case 'deletecomment':
|
||||
|
||||
$standalone = 1;
|
||||
require_once("./b2header.php");
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ("Cheatin' uh ?");
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
$comment = $HTTP_GET_VARS['comment'];
|
||||
$p = $HTTP_GET_VARS['p'];
|
||||
$commentdata=get_commentdata($comment) or die("Oops, no comment with this ID. <a href=\"b2edit.php\">Go back</a> !");
|
||||
$commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="b2edit.php">Go back</a>!');
|
||||
|
||||
$query = "DELETE FROM $tablecomments WHERE comment_ID=$comment";
|
||||
$result = $wpdb->query($query);
|
||||
$result = $wpdb->query("DELETE FROM $tablecomments WHERE comment_ID=$comment");
|
||||
|
||||
header ("Location: b2edit.php?p=$p&c=1#comments"); //?a=dc");
|
||||
header ("Location: b2edit.php?p=$p&c=1#comments");
|
||||
|
||||
break;
|
||||
|
||||
case "editedcomment":
|
||||
case 'editedcomment':
|
||||
|
||||
$standalone = 1;
|
||||
require_once("./b2header.php");
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ("Cheatin' uh ?");
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
$comment_ID = $HTTP_POST_VARS['comment_ID'];
|
||||
$comment_post_ID = $HTTP_POST_VARS['comment_post_ID'];
|
||||
|
@ -318,40 +329,46 @@ switch($action) {
|
|||
$newcomment_author_email = addslashes($newcomment_author_email);
|
||||
$newcomment_author_url = addslashes($newcomment_author_url);
|
||||
|
||||
if (($user_level > 4) && (!empty($HTTP_POST_VARS["edit_date"]))) {
|
||||
$aa = $HTTP_POST_VARS["aa"];
|
||||
$mm = $HTTP_POST_VARS["mm"];
|
||||
$jj = $HTTP_POST_VARS["jj"];
|
||||
$hh = $HTTP_POST_VARS["hh"];
|
||||
$mn = $HTTP_POST_VARS["mn"];
|
||||
$ss = $HTTP_POST_VARS["ss"];
|
||||
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
|
||||
$aa = $HTTP_POST_VARS['aa'];
|
||||
$mm = $HTTP_POST_VARS['mm'];
|
||||
$jj = $HTTP_POST_VARS['jj'];
|
||||
$hh = $HTTP_POST_VARS['hh'];
|
||||
$mn = $HTTP_POST_VARS['mn'];
|
||||
$ss = $HTTP_POST_VARS['ss'];
|
||||
$jj = ($jj > 31) ? 31 : $jj;
|
||||
$hh = ($hh > 23) ? $hh - 24 : $hh;
|
||||
$mn = ($mn > 59) ? $mn - 60 : $mn;
|
||||
$ss = ($ss > 59) ? $ss - 60 : $ss;
|
||||
$datemodif = ", comment_date=\"$aa-$mm-$jj $hh:$mn:$ss\"";
|
||||
$datemodif = ", comment_date = 'aa-$mm-$jj $hh:$mn:$ss'";
|
||||
} else {
|
||||
$datemodif = "";
|
||||
$datemodif = '';
|
||||
}
|
||||
$content = balanceTags($content);
|
||||
$content = format_to_post($content);
|
||||
|
||||
$query = "UPDATE $tablecomments SET comment_content=\"$content\", comment_author=\"$newcomment_author\", comment_author_email=\"$newcomment_author_email\", comment_author_url=\"$newcomment_author_url\"".$datemodif." WHERE comment_ID=$comment_ID";
|
||||
$result = $wpdb->query($query);
|
||||
$result = $wpdb->query("
|
||||
UPDATE $tablecomments SET
|
||||
comment_content = '$content',
|
||||
comment_author = '$newcomment_author',
|
||||
comment_author_email = '$newcomment_author_email',
|
||||
comment_author_url = '$newcomment_author_url'".$datemodif."
|
||||
WHERE comment_ID = $comment_ID"
|
||||
);
|
||||
|
||||
header ("Location: b2edit.php?p=$comment_post_ID&c=1#comments"); //?a=ec");
|
||||
header ("Location: b2edit.php?p=$comment_post_ID&c=1#comments");
|
||||
|
||||
break;
|
||||
|
||||
default:
|
||||
|
||||
$standalone=0;
|
||||
require_once ("./b2header.php");
|
||||
$standalone = 0;
|
||||
require_once ('./b2header.php');
|
||||
|
||||
if ($user_level > 0) {
|
||||
if ((!$withcomments) && (!$c)) {
|
||||
|
||||
$action = 'post';
|
||||
$action = 'post';
|
||||
get_currentuserinfo();
|
||||
$drafts = $wpdb->get_results("SELECT ID, post_title FROM $tableposts WHERE post_status = 'draft' AND post_author = $user_ID");
|
||||
if ($drafts) {
|
||||
|
@ -362,6 +379,7 @@ switch($action) {
|
|||
$i = 0;
|
||||
foreach ($drafts as $draft) {
|
||||
if (0 != $i) echo ', ';
|
||||
$draft->post_title = stripslashes($draft->post_title);
|
||||
echo "<a href='b2edit.php?action=edit&post=$draft->ID' title='Edit this draft'>$draft->post_title</a>";
|
||||
++$i;
|
||||
}
|
||||
|
@ -369,8 +387,8 @@ switch($action) {
|
|||
</div>
|
||||
<?php
|
||||
}
|
||||
include("b2edit.form.php");
|
||||
echo "<br /><br />";
|
||||
include('b2edit.form.php');
|
||||
echo '<br /><br />';
|
||||
|
||||
}
|
||||
|
||||
|
@ -379,15 +397,17 @@ switch($action) {
|
|||
|
||||
?>
|
||||
<div class="wrap">
|
||||
<p>Since you're a newcomer, you'll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />You can also <a href="mailto:<?php echo $admin_email ?>?subject=b2-promotion">e-mail the admin</a> to ask for a promotion.<br />When you're promoted, just reload this page and you'll be able to blog. :)</p>
|
||||
<p>Since you’re a newcomer, you’ll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />
|
||||
You can also <a href="mailto:<?php echo $admin_email ?>?subject=b2-promotion">e-mail the admin</a> to ask for a promotion.<br />
|
||||
When you’re promoted, just reload this page and you’ll be able to blog. :)</p>
|
||||
</div>
|
||||
<?php
|
||||
|
||||
}
|
||||
|
||||
include("b2edit.showposts.php");
|
||||
include('b2edit.showposts.php');
|
||||
break;
|
||||
} // end switch
|
||||
/* </Edit> */
|
||||
include("b2footer.php");
|
||||
include('b2footer.php');
|
||||
?>
|
Loading…
Reference in New Issue