Image uploading widget from skeltoac. fixes #1710

git-svn-id: http://svn.automattic.com/wordpress/trunk@2921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ryan 2005-09-26 23:55:36 +00:00
parent a32bad283f
commit 7b0442ea12
6 changed files with 523 additions and 5 deletions


@ -60,9 +60,19 @@ function write_post() {
$post_ID = wp_insert_post($_POST); $post_ID = wp_insert_post($_POST);
add_meta($post_ID); add_meta($post_ID);
// Reunite any orphaned subposts with their parent
if ( $_POST['temp_ID'] )
relocate_children($_POST['temp_ID'], $post_ID);
return $post_ID; return $post_ID;
} }
// Move child posts to a new parent
function relocate_children($old_ID, $new_ID) {
global $wpdb;
$wpdb->query("UPDATE $wpdb->posts SET post_parent = $new_ID WHERE post_parent = $old_ID");
}
// Update an existing post with values provided in $_POST. // Update an existing post with values provided in $_POST.
function edit_post() { function edit_post() {
global $user_ID; global $user_ID;
@ -1739,4 +1749,46 @@ function current_theme_info() {
$ct->author = $themes[$current_theme]['Author']; $ct->author = $themes[$current_theme]['Author'];
return $ct; return $ct;
} }
// Returns an array containing the current upload directory's path and url, or an error message.
function wp_upload_dir() {
if ( defined('UPLOADS') )
$dir = UPLOADS;
else
$dir = 'wp-content/uploads';
$path = ABSPATH . $dir;
// Make sure we have an uploads dir
if ( ! file_exists( $path ) ) {
if ( ! mkdir( $path ) )
return array('error' => "Unable to create directory $path. Is its parent directory writable by the server?");
@ chmod( ABSPATH . $path, 0774 );
}
// Generate the yearly and monthly dirs
$time = current_time( 'mysql' );
$y = substr( $time, 0, 4 );
$m = substr( $time, 5, 2 );
$pathy = "$path/$y";
$pathym = "$path/$y/$m";
// Make sure we have a yearly dir
if ( ! file_exists( $pathy ) ) {
if ( ! mkdir( $pathy ) )
return array('error' => "Unable to create directory $pathy. Is $path writable?");
@ chmod( $pathy, 0774 );
}
// Make sure we have a monthly dir
if ( ! file_exists( $pathym ) ) {
if ( ! mkdir( $pathym ) )
return array('error' => "Unable to create directory $pathym. Is $pathy writable?");
@ chmod( $pathym, 0774 );
}
$uploads = array('path' => $pathym, 'url' => get_bloginfo('home') . "/$dir/$y/$m", 'error' => false);
return apply_filters('upload_dir', $uploads);
}
?> ?>
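Review bot: `relocate_children()` interpolates both IDs into the UPDATE unquoted, and `write_post()` passes it `$_POST['temp_ID']` straight from the request, so request slashing does not constrain the value and any submitted number, including a real post's ID, is accepted as the old parent. Cast at the top of the function, `$old_ID = (int) $old_ID; $new_ID = (int) $new_ID;`, and have the caller accept only the negative placeholder range the edit form generates, `if ( (int) $_POST['temp_ID'] < 0 )`. In `wp_upload_dir()`, `@ chmod( ABSPATH . $path, 0774 );` prefixes ABSPATH a second time although `$path` already contains it, so the mode is never applied to the new directory and the `@` hides the failure; `chmod( $path, 0774 );` matches the two calls below it.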


@ -17,6 +17,8 @@ $messages[3] = __('Custom field deleted.');
if (0 == $post_ID) { if (0 == $post_ID) {
$form_action = 'post'; $form_action = 'post';
$temp_ID = -1 * time();
$form_extra = "<input type='hidden' name='temp_ID' value='$temp_ID' />";
} else { } else {
$form_action = 'editpost'; $form_action = 'editpost';
$form_extra = "<input type='hidden' name='post_ID' value='$post_ID' />"; $form_extra = "<input type='hidden' name='post_ID' value='$post_ID' />";
@ -172,6 +174,11 @@ if ('publish' != $post_status || 0 == $post_ID) {
<div id="advancedstuff" class="dbx-group" > <div id="advancedstuff" class="dbx-group" >
<fieldset id="imageuploading" class="dbx-box">
<h3 class="dbx-handle"><?php _e('Image Uploading') ?></h3>
<div class="dbx-content"><iframe src="image-uploading.php?action=view&amp;post=<?php echo 0 == $post_ID ? $temp_ID : $post_ID; ?>" id="imageup"></iframe></div>
</fieldset>
<fieldset id="postexcerpt" class="dbx-box"> <fieldset id="postexcerpt" class="dbx-box">
<h3 class="dbx-handle"><?php _e('Optional Excerpt') ?></h3> <h3 class="dbx-handle"><?php _e('Optional Excerpt') ?></h3>
<div class="dbx-content"><textarea rows="1" cols="40" name="excerpt" tabindex="7" id="excerpt"><?php echo $post->post_excerpt ?></textarea></div> <div class="dbx-content"><textarea rows="1" cols="40" name="excerpt" tabindex="7" id="excerpt"><?php echo $post->post_excerpt ?></textarea></div>
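Review bot: `$temp_ID = -1 * time();` is unique only to the second and is not tied to the author, so two people who open the new-post form in the same second share a placeholder, and images uploaded under it would all be re-parented to whichever post is saved first. The placeholder should include a per-user component, or the upload should record its uploader so the re-parenting step can check it. Whatever scheme is kept, the line deserves a comment such as `// Negative placeholder parent for uploads made before the post has an ID; swapped for the real ID in write_post().`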


@ -0,0 +1,332 @@
<?php
require_once('admin.php');
if (!current_user_can('edit_posts'))
die('You do not have permission to edit posts.');
$wpvarstoreset = array('action', 'post', 'all', 'last', 'link', 'sort', 'start', 'imgtitle', 'descr');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $_POST["$wpvar"];
}
}
}
$post = (int) $post;
switch($action) {
case 'save':
// Define acceptable image extentions/types here. Tests will apply strtolower().
$exts = array('gif' => IMAGETYPE_GIF, 'jpg' => IMAGETYPE_JPEG, 'png' => IMAGETYPE_PNG);
// Define the error messages for bad uploads.
$upload_err = array(false,
"The uploaded file exceeds the <code>upload_max_filesize</code> directive in <code>php.ini</code>.",
"The uploaded file exceeds the <em>MAX_FILE_SIZE</em> directive that was specified in the HTML form.",
"The uploaded file was only partially uploaded.",
"No file was uploaded.",
"Missing a temporary folder.",
"Failed to write file to disk.");
$iuerror = false;
// Failing any single one of the following tests is fatal.
// A correct form post will pass this test.
if ( !isset($_POST['action']) || $_POST['action'] != 'save' || count($_FILES) != 1 || ! isset($_FILES['image']) || is_array($_FILES['image']['name']) )
$error = 'Invalid form submission. Only submit approved forms.';
// A successful upload will pass this test.
elseif ( $_FILES['image']['error'] > 0 )
$error = $upload_err[$_FILES['image']['error']];
// A non-empty file will pass this test.
elseif ( 0 == $_FILES['image']['size'] )
$error = 'File is empty. Please upload something more substantial.';
// A correct MIME category will pass this test. Full types are not consistent across browsers.
elseif ( ! 'image/' == substr($_FILES['image']['type'], 0, 6) )
$error = 'Bad MIME type submitted by your browser.';
// An acceptable file extension will pass this test.
elseif ( ! ( ( 0 !== preg_match('#\.?([^\.]*)$#', $_FILES['image']['name'], $matches) ) && ( $ext = strtolower($matches[1]) ) && array_key_exists($ext, $exts) ) )
$error = 'Bad file extension.';
// A valid uploaded file will pass this test.
elseif ( ! is_uploaded_file($_FILES['image']['tmp_name']) )
$error = 'Bad temp file. Try renaming the file and uploading again.';
// A valid image file will pass this test.
elseif ( function_exists('exif_imagetype') && $exts[$ext] != $imagetype = exif_imagetype($_FILES['image']['tmp_name']) )
$error = 'Bad image file. Try again, or try recreating it.';
// An image with at least one pixel will pass this test.
elseif ( ! ( ( $imagesize = getimagesize($_FILES['image']['tmp_name']) ) && $imagesize[0] > 1 && $imagesize[1] > 1 ) )
$error = 'The image has no pixels. Isn\'t that odd?';
// A writable uploads dir will pass this test.
elseif ( ! ( ( $uploads = wp_upload_dir() ) && false === $uploads['error'] ) )
$error = $uploads['error'];
if ( $error )
// Something wasn't right. Abort and never touch the temp file again.
die("$error <a href='".basename(__FILE__)."?action=upload&post=$post'>Back to Image Uploading</a>");
// Increment the file number until we have a unique file to save in $dir
$number = '';
$filename = $_FILES['image']['name'];
while ( file_exists($uploads['path'] . "/$filename") )
$filename = str_replace("$number.$ext", ++$number . ".$ext", $filename);
// Move the file to the uploads dir
$file = $uploads['path'] . "/$filename";
move_uploaded_file($_FILES['image']['tmp_name'], $file);
chmod($file, 0775);
// Compute the URL
$url = $uploads['url'] . "/$filename";
// Construct the object array
$object = array(
'post_title' => $imgtitle ? $imgtitle : $filename,
'post_content' => $descr,
'post_status' => 'object',
'post_parent' => $post,
'post_type' => $_FILES['image']['type'],
'guid' => $url
);
// Save the data
$id = wp_attach_object($object, $post);
// Generate the object's postmeta.
$imagesize = getimagesize($file);
$imagedata['width'] = $imagesize['0'];
$imagedata['height'] = $imagesize['1'];
if ( $imagedata['height'] < 96 && $imagedata['width'] < 128 ) {
$uheight = $imagedata['height'];
$uwidth = $imagedata['width'];
} elseif ( $imagedata['width'] / $imagedata['height'] > 4 / 3 ) {
$uwidth = 128;
$uheight = $imagedata['height'] / $imagedata['width'] * $uwidth;
} else {
$uheight = 96;
$uwidth = $imagedata['width'] / $imagedata['height'] * $uheight;
}
$imagedata['hwstring_small'] = "height='$uheight' width='$uwidth'";
$imagedata['file'] = $file;
if ( false == add_post_meta($id, 'imagedata', $imagedata) )
die("failed to add_post_meta");
header("Location: ".basename(__FILE__)."?post=$post&all=$all&action=view&last=true");
die;
case 'upload':
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascript">
function validateImageName() {
/* This is more for convenience than security. Server-side validation is very thorough.*/
obj = document.getElementById('upload');
r = /.jpg$|.gif$|.png$/i;
if ( obj.value.match(r) )
return true;
alert('Please select a JPG, PNG or GIF file.');
obj.parentNode.reset();
return false;
}
function cancelUpload() {
o = document.getElementById('uploadForm');
o.method = 'GET';
o.action.value = 'view';
o.submit();
}
</script>
<style type="text/css">
label {
float: left;
width: 18%;
}
#title, #descr {
width: 80%;
margin-top: 2px;
}
#descr {
height: 3em;
v-align: top;
}
#buttons {
width: 98%;
text-align: right;
}
</style>
</head>
<body>
<form enctype="multipart/form-data" id="uploadForm" method="POST" action="image-uploading.php" onsubmit="return validateImageName()">
<label for="upload">Image:</label><input type="file" id="upload" name="image" onchange="validateImageName()" /><br />
<label for="title">Title:</label><input type="text" id="title" name="imgtitle" /><br />
<label for="descr">Description:</label><input type="textarea" name="descr" id="descr" value="" /><br />
<input type="hidden" name="action" value="save" />
<input type="hidden" name="post" value="<?php echo $post; ?>" />
<input type="hidden" name="all" value="<?php echo $all; ?>" />
<div id="buttons">
<input type="submit" value="Upload" />
<input type="button" value="Cancel" onclick="cancelUpload()" />
</div>
</form>
</body>
</html>
<?php
break;
case 'view':
if ( $post && empty($all) )
$and_post = "AND post_parent = '$post'";
if ( $last )
$start = $wpdb->get_var("SELECT count(ID) FROM $wpdb->posts WHERE post_status = 'object' AND left(post_type, 5) = 'image' $and_post") - 5;
else
$start = (int) $start;
if ( $start < 0 )
$start = 0;
if ( '' == $sort )
$sort = "ID";
$images = $wpdb->get_results("SELECT ID, post_date, post_title, guid FROM $wpdb->posts WHERE post_status = 'object' AND left(post_type, 5) = 'image' $and_post ORDER BY $sort LIMIT $start, 10", ARRAY_A);
//if ( count($images) == 0 )
// header("Location: ".basename(__FILE__)."?post=$post&all=$all&action=upload");
if ( count($images) > 5 ) {
$next = $start + count($images) - 5;
} else {
$next = false;
}
if ( $start > 0 ) {
$back = $start - 5;
if ( $back < 1 )
$back = '0';
} else {
$back = false;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<style type="text/css">
form {
display: inline;
}
#images, #buttons {
position: absolute;
left: 0px;
width: 98%;
text-align: center;
}
#images {
top: 0px;
}
#buttons {
top: 112px;
}
</style>
</head>
<body>
<div id="images">
<?php
if ( count($images) > 0 ) {
$imagerow = '';
$i = 1;
foreach ( $images as $image ) {
if ( $i++ > 5 ) break;
$image = array_merge($image, get_post_meta($image['ID'], 'imagedata', true) );
?>
<a href="<?php echo $image['guid']; ?>" disabled="true">
<img src="<?php echo $image['guid']; ?>" alt="<?php echo $image['post_title']; ?>" <?php echo $image['hwstring_small']; ?> />
</a>
<?php
}
}
?>
<div>
<div id="buttons">
<form action="image-uploading.php" method="GET">
<input type="hidden" name="action" value="view" />
<input type="hidden" name="all" value="<?php echo $all; ?>" />
<input type="hidden" name="post" value="<?php echo $post; ?>" />
<input type="hidden" name="start" value="0" />
<input type="submit" value="| < <" <?php if ( false === $back ) echo 'disabled="true" ' ?>/>
</form>
<form action="image-uploading.php" method="GET">
<input type="hidden" name="action" value="view" />
<input type="hidden" name="all" value="<?php echo $all; ?>" />
<input type="hidden" name="post" value="<?php echo $post; ?>" />
<input type="hidden" name="start" value="<?php echo $back; ?>" />
<input type="submit" value="< < < < <" <?php if ( false === $back ) echo 'disabled="true" ' ?>/>
</form>
<form action="image-uploading.php" method="GET">
<input type="hidden" name="action" value="upload" />
<input type="hidden" name="all" value="<?php echo $all; ?>" />
<input type="hidden" name="post" value="<?php echo $post; ?>" />
<input type="submit" value="Upload New" />
</form>
<?php if ( $all ) : ?>
<form action="image-uploading.php" method="GET">
<input type="hidden" name="action" value="view" />
<input type="hidden" name="all" value="" />
<input type="hidden" name="post" value="<?php echo $post; ?>" />
<input type="submit" value="Browse Attached" />
</form>
<?php else : ?>
<form action="image-uploading.php" method="GET">
<input type="hidden" name="action" value="view" />
<input type="hidden" name="all" value="true" />
<input type="hidden" name="post" value="<?php echo $post; ?>" />
<input type="submit" value="Browse All" />
</form>
<?php endif; ?>
<form action="image-uploading.php" method="GET">
<input type="hidden" name="action" value="view" />
<input type="hidden" name="all" value="<?php echo $all; ?>" />
<input type="hidden" name="post" value="<?php echo $post; ?>" />
<input type="hidden" name="start" value="<?php echo $next; ?>" />
<input type="submit" value="> > > > >" <?php if ( false === $next ) echo 'disabled="true" ' ?>/>
</form>
<form action="image-uploading.php" method="GET">
<input type="hidden" name="action" value="view" />
<input type="hidden" name="all" value="<?php echo $all; ?>" />
<input type="hidden" name="post" value="<?php echo $post; ?>" />
<input type="hidden" name="last" value="true" />
<input type="submit" value="> > |" <?php if ( false === $next ) echo 'disabled="true" ' ?>/>
</form>
</div>
<?php // echo "<pre>".print_r($images,1)."</pre>";
?>
</body>
</html>
<?php
die;
default:
die('This script was not meant to be called directly.');
}
?>
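Review bot: In the `view` case `$sort` comes from the request and is placed unquoted into `ORDER BY $sort`, where request slashing does not constrain it, and `$and_post` is assigned only inside the `if`, so when that branch is skipped the query uses whatever is already in scope. Limit `$sort` to the columns this query selects and initialise `$and_post` before use, as in the excerpt below. The same page prints `$all`, `$image['guid']` and `$image['post_title']` into HTML attributes unescaped; each should go through `htmlspecialchars()` at output. In the `save` case, `! 'image/' == substr(...)` negates the string before comparing, so the test cannot reject a non-empty type; `'image/' != substr($_FILES['image']['type'], 0, 6)` is what the comment describes. `chmod($file, 0775)` also sets execute bits on every stored image, where a mode without them would do.

```php
case 'view':
	// Start from an empty fragment so only this branch can fill it.
	$and_post = '';
	// … unchanged: $and_post / $start computation …
	// ORDER BY cannot be quoted, so accept only columns this query selects.
	$sortable = array('ID', 'post_date', 'post_title', 'guid');
	if ( ! in_array($sort, $sortable, true) )
		$sort = 'ID';
	// … unchanged: $images query, paging and markup …
```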


@ -119,6 +119,7 @@ CREATE TABLE $wpdb->posts (
post_parent bigint(20) NOT NULL default '0', post_parent bigint(20) NOT NULL default '0',
guid varchar(255) NOT NULL default '', guid varchar(255) NOT NULL default '',
menu_order int(11) NOT NULL default '0', menu_order int(11) NOT NULL default '0',
post_type varchar(100) NOT NULL,
PRIMARY KEY (ID), PRIMARY KEY (ID),
KEY post_name (post_name) KEY post_name (post_name)
); );
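Review bot: `post_type varchar(100) NOT NULL,` is the only column in this hunk declared without a default, while its neighbours all carry one. Any INSERT into the posts table that omits post_type then depends on the server's implicit default, which a strict SQL mode would refuse. `post_type varchar(100) NOT NULL default '',` would match the rest of the definition.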


@ -148,7 +148,7 @@ p, li, dl, dd, dt {
line-height: 130%; line-height: 130%;
} }
textarea, input, select { textarea, input, select, iframe#imageup {
background: #f4f4f4; background: #f4f4f4;
border: 1px solid #b2b2b2; border: 1px solid #b2b2b2;
color: #000; color: #000;
@ -157,6 +157,14 @@ textarea, input, select {
padding: 3px; padding: 3px;
} }
iframe#imageup {
margin: 0px;
padding: 0px;
border: 1px solid #ccc;
height: 13em;
width: 98%;
}
.alignleft { .alignleft {
float: left float: left
} }


@ -128,9 +128,9 @@ function wp_insert_post($postarr = array()) {
} else { } else {
$postquery = $postquery =
"INSERT INTO $wpdb->posts "INSERT INTO $wpdb->posts
(ID, post_author, post_date, post_date_gmt, post_content, post_title, post_excerpt, post_status, comment_status, ping_status, post_password, post_name, to_ping, post_modified, post_modified_gmt, post_parent, menu_order) (ID, post_author, post_date, post_date_gmt, post_content, post_title, post_excerpt, post_status, comment_status, ping_status, post_password, post_name, to_ping, post_modified, post_modified_gmt, post_parent, menu_order, post_type)
VALUES VALUES
('$post_ID', '$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_title', '$post_excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order')"; ('$post_ID', '$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_title', '$post_excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order', '$post_type')";
} }
$result = $wpdb->query($postquery); $result = $wpdb->query($postquery);
@ -185,6 +185,124 @@ function wp_insert_post($postarr = array()) {
return $post_ID; return $post_ID;
} }
function wp_attach_object($object, $post_parent = 0) {
global $wpdb, $user_ID;
// Export array as variables
extract($object);
// Get the basics.
$post_content = apply_filters('content_save_pre', $post_content);
$post_excerpt = apply_filters('excerpt_save_pre', $post_excerpt);
$post_title = apply_filters('title_save_pre', $post_title);
$post_category = apply_filters('category_save_pre', $post_category);
$post_name = apply_filters('name_save_pre', $post_name);
$comment_status = apply_filters('comment_status_pre', $comment_status);
$ping_status = apply_filters('ping_status_pre', $ping_status);
$post_type = apply_filters('post_type_pre', $post_type);
// Make sure we set a valid category
if (0 == count($post_category) || !is_array($post_category)) {
$post_category = array(get_option('default_category'));
}
$post_cat = $post_category[0];
if ( empty($post_author) )
$post_author = $user_ID;
$post_status = 'object';
// Get the post ID.
if ( $update ) {
$post_ID = $ID;
} else {
$id_result = $wpdb->get_row("SHOW TABLE STATUS LIKE '$wpdb->posts'");
$post_ID = $id_result->Auto_increment;
}
// Create a valid post name.
if ( empty($post_name) ) {
$post_name = sanitize_title($post_title, $post_ID);
} else {
$post_name = sanitize_title($post_name, $post_ID);
}
if (empty($post_date))
$post_date = current_time('mysql');
if (empty($post_date_gmt))
$post_date_gmt = current_time('mysql', 1);
if ( empty($comment_status) ) {
if ( $update )
$comment_status = 'closed';
else
$comment_status = get_settings('default_comment_status');
}
if ( empty($ping_status) )
$ping_status = get_settings('default_ping_status');
if ( empty($post_pingback) )
$post_pingback = get_option('default_pingback_flag');
if ( isset($to_ping) )
$to_ping = preg_replace('|\s+|', "\n", $to_ping);
else
$to_ping = '';
$post_parent = (int) $post_parent;
if ( isset($menu_order) )
$menu_order = (int) $menu_order;
else
$menu_order = 0;
if ( !isset($post_password) )
$post_password = '';
if ($update) {
$postquery =
"UPDATE $wpdb->posts SET
post_author = '$post_author',
post_date = '$post_date',
post_date_gmt = '$post_date_gmt',
post_content = '$post_content',
post_title = '$post_title',
post_excerpt = '$post_excerpt',
post_status = '$post_status',
comment_status = '$comment_status',
ping_status = '$ping_status',
post_password = '$post_password',
post_name = '$post_name',
to_ping = '$to_ping',
post_modified = '$post_date',
post_modified_gmt = '$post_date_gmt',
post_parent = '$post_parent',
menu_order = '$menu_order',
post_type = '$post_type',
guid = '$guid'
WHERE ID = $post_ID";
} else {
$postquery =
"INSERT INTO $wpdb->posts
(ID, post_author, post_date, post_date_gmt, post_content, post_title, post_excerpt, post_status, comment_status, ping_status, post_password, post_name, to_ping, post_modified, post_modified_gmt, post_parent, menu_order, post_type, guid)
VALUES
('$post_ID', '$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_title', '$post_excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order', '$post_type', '$guid')";
}
$result = $wpdb->query($postquery);
wp_set_post_cats('', $post_ID, $post_category);
clean_post_cache($post_ID);
if ( $update) {
do_action('edit_object', $post_ID);
} else {
do_action('attach_object', $post_ID);
}
return $post_ID;
}
function wp_get_single_post($postid = 0, $mode = OBJECT) { function wp_get_single_post($postid = 0, $mode = OBJECT) {
global $wpdb; global $wpdb;
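Review bot: `wp_attach_object()` interpolates `$post_type`, `$guid` and the other fields into both statements exactly as they arrive, and the UPDATE ends in an unquoted `WHERE ID = $post_ID` taken from `$ID` without a cast. Nothing in the function says whether callers must pass escaped values, and the uploader added in this commit fills `post_type` and `guid` from `$_FILES`, which may not receive the same slashing as `$_POST`. State that contract in a docblock on the function and enforce the integer with `$post_ID = (int) $ID;`. `extract($object)` also lets array keys overwrite `$wpdb`, `$user_ID` and the `$post_parent` argument; `extract($object, EXTR_SKIP);` leaves variables that already exist untouched.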