Do a cap check at the top of widgets since it won't always inherit the menu cap check.
git-svn-id: http://svn.automattic.com/wordpress/trunk@5385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
48c85562b8
commit
b311e786fe
|
@ -23,6 +23,7 @@ class Custom_Image_Header {
|
|||
function js() {
|
||||
|
||||
if ( isset( $_POST['textcolor'] ) ) {
|
||||
check_admin_referer('custom-header');
|
||||
if ( 'blank' == $_POST['textcolor'] ) {
|
||||
set_theme_mod('header_textcolor', 'blank');
|
||||
} else {
|
||||
|
@ -31,8 +32,10 @@ class Custom_Image_Header {
|
|||
set_theme_mod('header_textcolor', $color);
|
||||
}
|
||||
}
|
||||
if ( isset($_POST['resetheader']) )
|
||||
if ( isset($_POST['resetheader']) ) {
|
||||
check_admin_referer('custom-header');
|
||||
remove_theme_mods();
|
||||
}
|
||||
?>
|
||||
<script type="text/javascript">
|
||||
|
||||
|
@ -157,7 +160,7 @@ Event.observe( window, 'load', hide_text );
|
|||
<h2><?php _e('Your Header Image'); ?></h2>
|
||||
<p><?php _e('This is your header image. You can change the text color or upload and crop a new image.'); ?></p>
|
||||
|
||||
<div id="headimg" style="background: url(<?php header_image() ?>) no-repeat;">
|
||||
<div id="headimg" style="background: url(<?php clean_url(header_image()) ?>) no-repeat;">
|
||||
<h1><a onclick="return false;" href="<?php bloginfo('url'); ?>" title="<?php bloginfo('name'); ?>" id="name"><?php bloginfo('name'); ?></a></h1>
|
||||
<div id="desc"><?php bloginfo('description');?></div>
|
||||
</div>
|
||||
|
@ -165,7 +168,8 @@ Event.observe( window, 'load', hide_text );
|
|||
<form method="post" action="<?php echo get_option('siteurl') ?>/wp-admin/themes.php?page=custom-header&updated=true">
|
||||
<input type="button" value="<?php _e('Hide Text'); ?>" onclick="hide_text()" id="hidetext" />
|
||||
<input type="button" value="<?php _e('Select a Text Color'); ?>" onclick="colorSelect($('textcolor'), 'pickcolor')" id="pickcolor" /><input type="button" value="<?php _e('Use Original Color'); ?>" onclick="colorDefault()" id="defaultcolor" />
|
||||
<input type="hidden" name="textcolor" id="textcolor" value="#<?php header_textcolor() ?>" /><input name="submit" type="submit" value="<?php _e('Save Changes'); ?> »" /></form>
|
||||
<?php wp_nonce_field('custom-header') ?>
|
||||
<input type="hidden" name="textcolor" id="textcolor" value="#<?php attribute_escape(header_textcolor()) ?>" /><input name="submit" type="submit" value="<?php _e('Save Changes'); ?> »" /></form>
|
||||
<?php } ?>
|
||||
|
||||
<div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;visibility:hidden;"> </div>
|
||||
|
@ -177,6 +181,7 @@ Event.observe( window, 'load', hide_text );
|
|||
<form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo attribute_escape(add_query_arg('step', 2)) ?>" style="margin: auto; width: 50%;">
|
||||
<label for="upload"><?php _e('Choose an image from your computer:'); ?></label><br /><input type="file" id="upload" name="import" />
|
||||
<input type="hidden" name="action" value="save" />
|
||||
<?php wp_nonce_field('custom-header') ?>
|
||||
<p class="submit">
|
||||
<input type="submit" value="<?php _e('Upload'); ?> »" />
|
||||
</p>
|
||||
|
@ -197,6 +202,7 @@ Event.observe( window, 'load', hide_text );
|
|||
}
|
||||
|
||||
function step_2() {
|
||||
check_admin_referer('custom-header');
|
||||
$overrides = array('test_form' => false);
|
||||
$file = wp_handle_upload($_FILES['import'], $overrides);
|
||||
|
||||
|
@ -222,7 +228,7 @@ Event.observe( window, 'load', hide_text );
|
|||
list($width, $height, $type, $attr) = getimagesize( $file );
|
||||
|
||||
if ( $width == HEADER_IMAGE_WIDTH && $height == HEADER_IMAGE_HEIGHT ) {
|
||||
set_theme_mod('header_image', $url);
|
||||
set_theme_mod('header_image', clean_url($url));
|
||||
$header = apply_filters('wp_create_file_in_uploads', $file, $id); // For replication
|
||||
return $this->finished();
|
||||
} elseif ( $width > HEADER_IMAGE_WIDTH ) {
|
||||
|
@ -256,6 +262,7 @@ Event.observe( window, 'load', hide_text );
|
|||
<input type="hidden" name="height" id="height" />
|
||||
<input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo $id; ?>" />
|
||||
<input type="hidden" name="oitar" id="oitar" value="<?php echo $oitar; ?>" />
|
||||
<?php wp_nonce_field('custom-header') ?>
|
||||
<input type="submit" value="<?php _e('Crop Header »'); ?>" />
|
||||
</p>
|
||||
|
||||
|
@ -265,6 +272,7 @@ Event.observe( window, 'load', hide_text );
|
|||
}
|
||||
|
||||
function step_3() {
|
||||
check_admin_referer('custom-header');
|
||||
if ( $_POST['oitar'] > 1 ) {
|
||||
$_POST['x1'] = $_POST['x1'] * $_POST['oitar'];
|
||||
$_POST['y1'] = $_POST['y1'] * $_POST['oitar'];
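Review bot: The two escaping calls added in the header template, `<?php clean_url(header_image()) ?>` and `value="#<?php attribute_escape(header_textcolor()) ?>"`, discard their return value, because neither tag has an `echo`. The lines they replace called `header_image()` and `header_textcolor()` bare, which implies both helpers print their value themselves; if so, the unescaped value is still what reaches the page. Escape the returned value and print it instead, for example `<?php echo clean_url(get_header_image()) ?>` and `<?php echo attribute_escape(get_header_textcolor()) ?>`. The surrounding method starts and ends outside these hunks, so confirm that no other bare call to these helpers remains in it.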
|
||||
|
|
|
@ -2,6 +2,9 @@
|
|||
|
||||
require_once 'admin.php';
|
||||
|
||||
if ( ! current_user_can('edit_themes') )
|
||||
wp_die( __( 'Cheatin’ uh?' ));
|
||||
|
||||
wp_enqueue_script( 'scriptaculous-effects' );
|
||||
wp_enqueue_script( 'scriptaculous-dragdrop' );
|
||||
|
||||
|
@ -350,11 +353,7 @@ if ( isset( $_POST['action'] ) ) {
|
|||
</script>
|
||||
|
||||
<p class="submit">
|
||||
<?php
|
||||
if ( function_exists( 'wp_nonce_field' ) ) {
|
||||
wp_nonce_field( 'widgets-save-widget-order' );
|
||||
}
|
||||
?>
|
||||
<?php wp_nonce_field( 'widgets-save-widget-order' ); ?>
|
||||
<input type="hidden" name="action" id="action" value="save_widget_order" />
|
||||
<input type="submit" value="<?php _e( 'Save Changes »' ); ?>" />
|
||||
</p>
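Review bot: The capability check added after `require_once 'admin.php';` carries no comment saying why this page needs its own check; the reason appears only in the commit message. A line such as `// Checked explicitly: this page does not always inherit the menu's capability check.` above the `if` would keep it from being removed later as redundant. The menu registration is not visible in this hunk, so confirm that `edit_themes` is the same capability the menu entry for this page is registered with. The handler that starts at `if ( isset( $_POST['action'] ) ) {` is also outside the hunk, so check that it verifies the `widgets-save-widget-order` nonce that the form now always emits.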
|
||||
|
|
|
@ -82,6 +82,7 @@ add_action('admin_menu', 'kubrick_add_theme_page');
|
|||
function kubrick_add_theme_page() {
|
||||
if ( $_GET['page'] == basename(__FILE__) ) {
|
||||
if ( 'save' == $_REQUEST['action'] ) {
|
||||
check_admin_referer('kubrick-header');
|
||||
if ( isset($_REQUEST['njform']) ) {
|
||||
if ( isset($_REQUEST['defaults']) ) {
|
||||
delete_option('kubrick_header_image');
|
||||
|
@ -90,9 +91,10 @@ function kubrick_add_theme_page() {
|
|||
} else {
|
||||
if ( '' == $_REQUEST['njfontcolor'] )
|
||||
delete_option('kubrick_header_color');
|
||||
else
|
||||
update_option('kubrick_header_color', $_REQUEST['njfontcolor']);
|
||||
|
||||
else {
|
||||
$fontcolor = preg_replace('/^.*(#[0-9a-fA-F]{6})?.*$/', '$1', $_REQUEST['njfontcolor']);
|
||||
update_option('kubrick_header_color', $fontcolor);
|
||||
}
|
||||
if ( preg_match('/[0-9A-F]{6}|[0-9A-F]{3}/i', $_REQUEST['njuppercolor'], $uc) && preg_match('/[0-9A-F]{6}|[0-9A-F]{3}/i', $_REQUEST['njlowercolor'], $lc) ) {
|
||||
$uc = ( strlen($uc[0]) == 3 ) ? $uc[0]{0}.$uc[0]{0}.$uc[0]{1}.$uc[0]{1}.$uc[0]{2}.$uc[0]{2} : $uc[0];
|
||||
$lc = ( strlen($lc[0]) == 3 ) ? $lc[0]{0}.$lc[0]{0}.$lc[0]{1}.$lc[0]{1}.$lc[0]{2}.$lc[0]{2} : $lc[0];
|
||||
|
@ -109,20 +111,27 @@ function kubrick_add_theme_page() {
|
|||
} else {
|
||||
|
||||
if ( isset($_REQUEST['headerimage']) ) {
|
||||
check_admin_referer('kubrick-header');
|
||||
if ( '' == $_REQUEST['headerimage'] )
|
||||
delete_option('kubrick_header_image');
|
||||
else
|
||||
update_option('kubrick_header_image', $_REQUEST['headerimage']);
|
||||
else {
|
||||
$headerimage = preg_replace('/^.*?(header-img.php\?upper=[0-9a-fA-F]{6}&lower=[0-9a-fA-F]{6})?.*$/', '$1', $_REQUEST['headerimage']);
|
||||
update_option('kubrick_header_image', $headerimage);
|
||||
}
|
||||
}
|
||||
|
||||
if ( isset($_REQUEST['fontcolor']) ) {
|
||||
check_admin_referer('kubrick-header');
|
||||
if ( '' == $_REQUEST['fontcolor'] )
|
||||
delete_option('kubrick_header_color');
|
||||
else
|
||||
update_option('kubrick_header_color', $_REQUEST['fontcolor']);
|
||||
else {
|
||||
$fontcolor = preg_replace('/^.*?(#[0-9a-fA-F]{6})?.*$/', '$1', $_REQUEST['fontcolor']);
|
||||
update_option('kubrick_header_color', $fontcolor);
|
||||
}
|
||||
}
|
||||
|
||||
if ( isset($_REQUEST['fontdisplay']) ) {
|
||||
check_admin_referer('kubrick-header');
|
||||
if ( '' == $_REQUEST['fontdisplay'] || 'inline' == $_REQUEST['fontdisplay'] )
|
||||
delete_option('kubrick_header_display');
|
||||
else
|
||||
|
@ -233,13 +242,13 @@ function kubrick_theme_page_head() {
|
|||
document.getElementById('headerimg').style.display = document.getElementById('fontdisplay').value;
|
||||
}
|
||||
function kRevert() {
|
||||
document.getElementById('headerimage').value = '<?php echo kubrick_header_image(); ?>';
|
||||
document.getElementById('advuppercolor').value = document.getElementById('uppercolor').value = '#<?php echo kubrick_upper_color(); ?>';
|
||||
document.getElementById('advlowercolor').value = document.getElementById('lowercolor').value = '#<?php echo kubrick_lower_color(); ?>';
|
||||
document.getElementById('header').style.background = 'url("<?php echo kubrick_header_image_url(); ?>") center no-repeat';
|
||||
document.getElementById('headerimage').value = '<?php echo js_escape(kubrick_header_image()); ?>';
|
||||
document.getElementById('advuppercolor').value = document.getElementById('uppercolor').value = '#<?php echo js_escape(kubrick_upper_color()); ?>';
|
||||
document.getElementById('advlowercolor').value = document.getElementById('lowercolor').value = '#<?php echo js_escape(kubrick_lower_color()); ?>';
|
||||
document.getElementById('header').style.background = 'url("<?php echo js_escape(kubrick_header_image_url()); ?>") center no-repeat';
|
||||
document.getElementById('header').style.color = '';
|
||||
document.getElementById('advfontcolor').value = document.getElementById('fontcolor').value = '<?php echo kubrick_header_color_string(); ?>';
|
||||
document.getElementById('fontdisplay').value = '<?php echo kubrick_header_display_string(); ?>';
|
||||
document.getElementById('advfontcolor').value = document.getElementById('fontcolor').value = '<?php echo js_escape(kubrick_header_color_string()); ?>';
|
||||
document.getElementById('fontdisplay').value = '<?php echo js_escape(kubrick_header_display_string()); ?>';
|
||||
document.getElementById('headerimg').style.display = document.getElementById('fontdisplay').value;
|
||||
}
|
||||
function kInit() {
|
||||
|
@ -361,11 +370,12 @@ function kubrick_theme_page() {
|
|||
<br />
|
||||
<div id="nonJsForm">
|
||||
<form method="post" action="">
|
||||
<?php wp_nonce_field('kubrick-header'); ?>
|
||||
<div class="zerosize"><input type="submit" name="defaultsubmit" value="Save" /></div>
|
||||
<label for="njfontcolor">Font Color:</label><input type="text" name="njfontcolor" id="njfontcolor" value="<?php echo kubrick_header_color(); ?>" /> Any CSS color (<code>red</code> or <code>#FF0000</code> or <code>rgb(255, 0, 0)</code>)<br />
|
||||
<label for="njuppercolor">Upper Color:</label><input type="text" name="njuppercolor" id="njuppercolor" value="#<?php echo kubrick_upper_color(); ?>" /> HEX only (<code>#FF0000</code> or <code>#F00</code>)<br />
|
||||
<label for="njlowercolor">Lower Color:</label><input type="text" name="njlowercolor" id="njlowercolor" value="#<?php echo kubrick_lower_color(); ?>" /> HEX only (<code>#FF0000</code> or <code>#F00</code>)<br />
|
||||
<input type="hidden" name="hi" id="hi" value="<?php echo kubrick_header_image(); ?>" />
|
||||
<label for="njfontcolor">Font Color:</label><input type="text" name="njfontcolor" id="njfontcolor" value="<?php echo attribute_escape(kubrick_header_color()); ?>" /> Any CSS color (<code>red</code> or <code>#FF0000</code> or <code>rgb(255, 0, 0)</code>)<br />
|
||||
<label for="njuppercolor">Upper Color:</label><input type="text" name="njuppercolor" id="njuppercolor" value="#<?php echo attribute_escape(kubrick_upper_color()); ?>" /> HEX only (<code>#FF0000</code> or <code>#F00</code>)<br />
|
||||
<label for="njlowercolor">Lower Color:</label><input type="text" name="njlowercolor" id="njlowercolor" value="#<?php echo attribute_escape(kubrick_lower_color()); ?>" /> HEX only (<code>#FF0000</code> or <code>#F00</code>)<br />
|
||||
<input type="hidden" name="hi" id="hi" value="<?php echo attribute_escape(kubrick_header_image()); ?>" />
|
||||
<input type="submit" name="toggledisplay" id="toggledisplay" value="Toggle Text" />
|
||||
<input type="submit" name="defaults" value="Use Defaults" />
|
||||
<input type="submit" class="defbutton" name="submitform" value=" Save " />
|
||||
|
@ -375,25 +385,27 @@ function kubrick_theme_page() {
|
|||
</div>
|
||||
<div id="jsForm">
|
||||
<form style="display:inline;" method="post" name="hicolor" id="hicolor" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
|
||||
<?php wp_nonce_field('kubrick-header'); ?>
|
||||
<input type="button" onclick="tgt=document.getElementById('fontcolor');colorSelect(tgt,'pick1');return false;" name="pick1" id="pick1" value="Font Color"></input>
|
||||
<input type="button" onclick="tgt=document.getElementById('uppercolor');colorSelect(tgt,'pick2');return false;" name="pick2" id="pick2" value="Upper Color"></input>
|
||||
<input type="button" onclick="tgt=document.getElementById('lowercolor');colorSelect(tgt,'pick3');return false;" name="pick3" id="pick3" value="Lower Color"></input>
|
||||
<input type="button" name="revert" value="Revert" onclick="kRevert()" />
|
||||
<input type="button" value="Advanced" onclick="toggleAdvanced()" />
|
||||
<input type="hidden" name="action" value="save" />
|
||||
<input type="hidden" name="fontdisplay" id="fontdisplay" value="<?php echo kubrick_header_display(); ?>" />
|
||||
<input type="hidden" name="fontcolor" id="fontcolor" value="<?php echo kubrick_header_color(); ?>" />
|
||||
<input type="hidden" name="uppercolor" id="uppercolor" value="<?php echo kubrick_upper_color(); ?>" />
|
||||
<input type="hidden" name="lowercolor" id="lowercolor" value="<?php echo kubrick_lower_color(); ?>" />
|
||||
<input type="hidden" name="headerimage" id="headerimage" value="<?php echo kubrick_header_image(); ?>" />
|
||||
<input type="hidden" name="fontdisplay" id="fontdisplay" value="<?php echo attribute_escape(kubrick_header_display()); ?>" />
|
||||
<input type="hidden" name="fontcolor" id="fontcolor" value="<?php echo attribute_escape(kubrick_header_color()); ?>" />
|
||||
<input type="hidden" name="uppercolor" id="uppercolor" value="<?php echo attribute_escape(kubrick_upper_color()); ?>" />
|
||||
<input type="hidden" name="lowercolor" id="lowercolor" value="<?php echo attribute_escape(kubrick_lower_color()); ?>" />
|
||||
<input type="hidden" name="headerimage" id="headerimage" value="<?php echo attribute_escape(kubrick_header_image()); ?>" />
|
||||
<p class="submit"><input type="submit" name="submitform" class="defbutton" value="<?php _e('Update Header »'); ?>" onclick="cp.hidePopup('prettyplease')" /></p>
|
||||
</form>
|
||||
<div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;visibility:hidden;"> </div>
|
||||
<div id="advanced">
|
||||
<form id="jsAdvanced" style="display:none;" action="">
|
||||
<label for="advfontcolor">Font Color (CSS): </label><input type="text" id="advfontcolor" onchange="advUpdate(this.value, 'fontcolor')" value="<?php echo kubrick_header_color(); ?>" /><br />
|
||||
<label for="advuppercolor">Upper Color (HEX): </label><input type="text" id="advuppercolor" onchange="advUpdate(this.value, 'uppercolor')" value="#<?php echo kubrick_upper_color(); ?>" /><br />
|
||||
<label for="advlowercolor">Lower Color (HEX): </label><input type="text" id="advlowercolor" onchange="advUpdate(this.value, 'lowercolor')" value="#<?php echo kubrick_lower_color(); ?>" /><br />
|
||||
<?php wp_nonce_field('kubrick-header'); ?>
|
||||
<label for="advfontcolor">Font Color (CSS): </label><input type="text" id="advfontcolor" onchange="advUpdate(this.value, 'fontcolor')" value="<?php echo attribute_escape(kubrick_header_color()); ?>" /><br />
|
||||
<label for="advuppercolor">Upper Color (HEX): </label><input type="text" id="advuppercolor" onchange="advUpdate(this.value, 'uppercolor')" value="#<?php echo attribute_escape(kubrick_upper_color()); ?>" /><br />
|
||||
<label for="advlowercolor">Lower Color (HEX): </label><input type="text" id="advlowercolor" onchange="advUpdate(this.value, 'lowercolor')" value="#<?php echo attribute_escape(kubrick_lower_color()); ?>" /><br />
|
||||
<input type="button" name="default" value="Select Default Colors" onclick="kDefaults()" /><br />
|
||||
<input type="button" onclick="toggleDisplay();return false;" name="pick" id="pick" value="Toggle Text Display"></input><br />
|
||||
</form>
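Review bot: The three `preg_replace` filters added in `kubrick_add_theme_page()` do not act as an allow-list. In the `njfontcolor` pattern `/^.*(#[0-9a-fA-F]{6})?.*$/` the leading `.*` is greedy and the group is optional, so `$1` is always empty and every submitted colour is stored as an empty string. The lazy variants used for `headerimage` and `fontcolor` keep the value only when it starts with the expected token, although the form text still offers `red` or `rgb(255, 0, 0)`. Because `.` does not match a newline, all three patterns fail to match a multi-line value, and `preg_replace` then returns the input unchanged. Matching and storing only the match closes that gap, e.g. `if ( preg_match('/^#[0-9a-fA-F]{6}$/D', $_REQUEST['fontcolor'], $m) ) update_option('kubrick_header_color', $m[0]); else delete_option('kubrick_header_color');`, with the same shape for the other two fields; the function body continues outside these hunks.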
|
||||
|
|