diff --git a/wp-admin/b2edit.php b/wp-admin/b2edit.php index 507fca2fbd..61925f8aaa 100644 --- a/wp-admin/b2edit.php +++ b/wp-admin/b2edit.php @@ -3,342 +3,340 @@ $title = "Post / Edit"; /* */ function add_magic_quotes($array) { - foreach ($array as $k => $v) { - if (is_array($v)) { - $array[$k] = add_magic_quotes($v); - } else { - $array[$k] = addslashes($v); - } - } - return $array; + foreach ($array as $k => $v) { + if (is_array($v)) { + $array[$k] = add_magic_quotes($v); + } else { + $array[$k] = addslashes($v); + } + } + return $array; } if (!get_magic_quotes_gpc()) { - $HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS); - $HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS); - $HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS); + $HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS); + $HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS); + $HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS); } $b2varstoreset = array('action','safe_mode','withcomments','c','posts','poststart','postend','content','edited_post_title','comment_error','profile', 'trackback_url', 'excerpt'); for ($i=0; $i 4) && (!empty($HTTP_POST_VARS["edit_date"]))) { - $aa = $HTTP_POST_VARS["aa"]; - $mm = $HTTP_POST_VARS["mm"]; - $jj = $HTTP_POST_VARS["jj"]; - $hh = $HTTP_POST_VARS["hh"]; - $mn = $HTTP_POST_VARS["mn"]; - $ss = $HTTP_POST_VARS["ss"]; - $jj = ($jj > 31) ? 31 : $jj; - $hh = ($hh > 23) ? $hh - 24 : $hh; - $mn = ($mn > 59) ? $mn - 60 : $mn; - $ss = ($ss > 59) ? $ss - 60 : $ss; - $now = "$aa-$mm-$jj $hh:$mn:$ss"; - } else { - $now = date("Y-m-d H:i:s", (time() + ($time_difference * 3600))); - } - - $query = "INSERT INTO $tableposts (ID, post_author, post_date, post_content, post_title, post_category, post_excerpt) VALUES ('0','$user_ID','$now','$content','$post_title','$post_category','$excerpt')"; - $result = mysql_query($query) or mysql_oops($query); - - $post_ID = mysql_insert_id(); - - if (isset($sleep_after_edit) && $sleep_after_edit > 0) { - sleep($sleep_after_edit); - } - - pingWeblogs($blog_ID); - pingCafelog($cafelogID, $post_title, $post_ID); - pingBlogs($blog_ID); - if ($post_pingback) { - pingback($content, $post_ID); - } - - if (!empty($HTTP_POST_VARS['trackback_url'])) { - $excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252).'...' : strip_tags($content); - $excerpt = stripslashes($excerpt); - $trackback_urls = explode(',', $HTTP_POST_VARS['trackback_url']); - foreach($trackback_urls as $tb_url) { - $tb_url = trim($tb_url); - trackback($tb_url, stripslashes($post_title), $excerpt, $post_ID); - } - } - - if (!empty($HTTP_POST_VARS["mode"])) { - switch($HTTP_POST_VARS["mode"]) { - case "bookmarklet": - $location="b2bookmarklet.php?a=b"; - break; - case "sidebar": - $location="b2sidebar.php?a=b"; - break; - default: - $location="b2edit.php"; - break; - } - } else { - $location="b2edit.php"; - } - header("Location: $location"); - exit(); - -break; - -case 'edit': - - $standalone = 0; - require_once('b2header.php'); - $post = $HTTP_GET_VARS['post']; - if ($user_level > 0) { - $postdata=get_postdata($post) or die('Oops, no post with this ID. Go back!'); - $authordata = get_userdata($postdata["Author_ID"]); - if ($user_level < $authordata[13]) - die ('You don’t have the right to edit '.$authordata[1].'’s posts.'); - - $content = $postdata['Content']; - $content = format_to_edit($content); - $excerpt = $postdata['Excerpt']; - $excerpt = format_to_edit($excerpt); - $edited_post_title = format_to_edit($postdata['Title']); - - include('b2edit.form.php'); - - } else { - ?> - -

Since you're a newcomer, you'll have to wait for an admin to raise your level to 1, in order to be authorized to post.
You can also e-mail the admin to ask for a promotion.
When you're promoted, just reload this page and you'll be able to blog. :)

- - 4) && (!empty($HTTP_POST_VARS["edit_date"]))) { - $aa = $HTTP_POST_VARS["aa"]; - $mm = $HTTP_POST_VARS["mm"]; - $jj = $HTTP_POST_VARS["jj"]; - $hh = $HTTP_POST_VARS["hh"]; - $mn = $HTTP_POST_VARS["mn"]; - $ss = $HTTP_POST_VARS["ss"]; - $jj = ($jj > 31) ? 31 : $jj; - $hh = ($hh > 23) ? $hh - 24 : $hh; - $mn = ($mn > 59) ? $mn - 60 : $mn; - $ss = ($ss > 59) ? $ss - 60 : $ss; - $datemodif = ", post_date=\"$aa-$mm-$jj $hh:$mn:$ss\""; - } else { - $datemodif = ""; - } - - $query = "UPDATE $tableposts SET post_content=\"$content\", post_excerpt=\"$excerpt\", post_title=\"$post_title\", post_category=\"$post_category\"".$datemodif." WHERE ID=$post_ID"; - $result = mysql_query($query) or mysql_oops($query); - - if (isset($sleep_after_edit) && $sleep_after_edit > 0) { - sleep($sleep_after_edit); - } - -// pingWeblogs($blog_ID); - - $location = "Location: b2edit.php"; - header ($location); - -break; - -case "delete": - - $standalone = 1; - require_once("./b2header.php"); - - if ($user_level == 0) - die ("Cheatin' uh ?"); - - $post = $HTTP_GET_VARS['post']; - $postdata=get_postdata($post) or die("Oops, no post with this ID. Go back !"); - $authordata = get_userdata($postdata["Author_ID"]); - if ($user_level < $authordata[13]) - die ("You don't have the right to delete ".$authordata[1]."'s posts."); + case 'post': + + $standalone = 1; + require_once('b2header.php'); + + $post_autobr = intval($HTTP_POST_VARS["post_autobr"]); + $post_pingback = intval($HTTP_POST_VARS["post_pingback"]); + $content = balanceTags($HTTP_POST_VARS["content"]); + $content = format_to_post($content); + $excerpt = balanceTags($HTTP_POST_VARS["excerpt"]); + $excerpt = format_to_post($excerpt); + $post_title = addslashes($HTTP_POST_VARS["post_title"]); + $post_category = intval($HTTP_POST_VARS["post_category"]); + + if ($user_level == 0) + die ("Cheatin' uh ?"); + + if (($user_level > 4) && (!empty($HTTP_POST_VARS["edit_date"]))) { + $aa = $HTTP_POST_VARS["aa"]; + $mm = $HTTP_POST_VARS["mm"]; + $jj = $HTTP_POST_VARS["jj"]; + $hh = $HTTP_POST_VARS["hh"]; + $mn = $HTTP_POST_VARS["mn"]; + $ss = $HTTP_POST_VARS["ss"]; + $jj = ($jj > 31) ? 31 : $jj; + $hh = ($hh > 23) ? $hh - 24 : $hh; + $mn = ($mn > 59) ? $mn - 60 : $mn; + $ss = ($ss > 59) ? $ss - 60 : $ss; + $now = "$aa-$mm-$jj $hh:$mn:$ss"; + } else { + $now = date("Y-m-d H:i:s", (time() + ($time_difference * 3600))); + } + + $query = "INSERT INTO $tableposts (ID, post_author, post_date, post_content, post_title, post_category, post_excerpt) VALUES ('0','$user_ID','$now','$content','$post_title','$post_category','$excerpt')"; + $result = mysql_query($query) or mysql_oops($query); + + $post_ID = mysql_insert_id(); + + if (isset($sleep_after_edit) && $sleep_after_edit > 0) { + sleep($sleep_after_edit); + } + + pingWeblogs($blog_ID); + pingCafelog($cafelogID, $post_title, $post_ID); + pingBlogs($blog_ID); + if ($post_pingback) { + pingback($content, $post_ID); + } + + if (!empty($HTTP_POST_VARS['trackback_url'])) { + $excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252).'...' : strip_tags($content); + $excerpt = stripslashes($excerpt); + $trackback_urls = explode(',', $HTTP_POST_VARS['trackback_url']); + foreach($trackback_urls as $tb_url) { + $tb_url = trim($tb_url); + trackback($tb_url, stripslashes($post_title), $excerpt, $post_ID); + } + } + + if (!empty($HTTP_POST_VARS["mode"])) { + switch($HTTP_POST_VARS["mode"]) { + case "bookmarklet": + $location="b2bookmarklet.php?a=b"; + break; + case "sidebar": + $location="b2sidebar.php?a=b"; + break; + default: + $location="b2edit.php"; + break; + } + } else { + $location="b2edit.php"; + } + header("Location: $location"); + exit(); + break; + + case 'edit': + + $standalone = 0; + require_once('b2header.php'); + $post = $HTTP_GET_VARS['post']; + if ($user_level > 0) { + $postdata=get_postdata($post) or die('Oops, no post with this ID. Go back!'); + $authordata = get_userdata($postdata["Author_ID"]); + if ($user_level < $authordata[13]) + die ('You don’t have the right to edit '.$authordata[1].'’s posts.'); + + $content = $postdata['Content']; + $content = format_to_edit($content); + $excerpt = $postdata['Excerpt']; + $excerpt = format_to_edit($excerpt); + $edited_post_title = format_to_edit($postdata['Title']); + + include('b2edit.form.php'); + + } else { +?> +

Since you're a newcomer, you'll have to wait for an admin to raise your level to 1, + in order to be authorized to post.
+ You can also e-mail the admin + to ask for a promotion.
+ When you're promoted, just reload this page and you'll be able to blog. :) +

+ 4) && (!empty($HTTP_POST_VARS["edit_date"]))) { + $aa = $HTTP_POST_VARS["aa"]; + $mm = $HTTP_POST_VARS["mm"]; + $jj = $HTTP_POST_VARS["jj"]; + $hh = $HTTP_POST_VARS["hh"]; + $mn = $HTTP_POST_VARS["mn"]; + $ss = $HTTP_POST_VARS["ss"]; + $jj = ($jj > 31) ? 31 : $jj; + $hh = ($hh > 23) ? $hh - 24 : $hh; + $mn = ($mn > 59) ? $mn - 60 : $mn; + $ss = ($ss > 59) ? $ss - 60 : $ss; + $datemodif = ", post_date=\"$aa-$mm-$jj $hh:$mn:$ss\""; + } else { + $datemodif = ""; + } + + $query = "UPDATE $tableposts SET post_content=\"$content\", post_excerpt=\"$excerpt\", post_title=\"$post_title\", post_category=\"$post_category\"".$datemodif." WHERE ID=$post_ID"; + $result = mysql_query($query) or mysql_oops($query); + + if (isset($sleep_after_edit) && $sleep_after_edit > 0) { + sleep($sleep_after_edit); + } + + //pingWeblogs($blog_ID); + + $location = "Location: b2edit.php"; + header ($location); + break; + + case "delete": + + $standalone = 1; + require_once("./b2header.php"); + + if ($user_level == 0) + die ("Cheatin' uh ?"); + + $post = $HTTP_GET_VARS['post']; + $postdata=get_postdata($post) or die("Oops, no post with this ID. Go back !"); + $authordata = get_userdata($postdata["Author_ID"]); + + if ($user_level < $authordata[13]) + die ("You don't have the right to delete ".$authordata[1]."'s posts."); + + $query = "DELETE FROM $tableposts WHERE ID=$post"; + $result = mysql_query($query) or die("Oops, no post with this ID. Go back !"); + if (!$result) + die("Error in deleting... contact the webmaster..."); + + $query = "DELETE FROM $tablecomments WHERE comment_post_ID=$post"; + $result = mysql_query($query) or die("Oops, no comment associated to that post. Go back !"); + + if (isset($sleep_after_edit) && $sleep_after_edit > 0) { + sleep($sleep_after_edit); + } + + // pingWeblogs($blog_ID); - $query = "DELETE FROM $tableposts WHERE ID=$post"; - $result = mysql_query($query) or die("Oops, no post with this ID. Go back !"); - if (!$result) - die("Error in deleting... contact the webmaster..."); + header ('Location: b2edit.php'); - $query = "DELETE FROM $tablecomments WHERE comment_post_ID=$post"; - $result = mysql_query($query) or die("Oops, no comment associated to that post. Go back !"); + break; - if (isset($sleep_after_edit) && $sleep_after_edit > 0) { - sleep($sleep_after_edit); - } + case 'editcomment': -// pingWeblogs($blog_ID); + $standalone = 0; + require_once ('b2header.php'); + + get_currentuserinfo(); + + if ($user_level == 0) { + die ('Cheatin’ uh?'); + } - header ('Location: b2edit.php'); + $comment = $HTTP_GET_VARS['comment']; + $commentdata = get_commentdata($comment, 1) or die('Oops, no comment with this ID. Go back!'); + $content = $commentdata['comment_content']; + $content = format_to_edit($content); -break; + include('b2edit.form.php'); -case 'editcomment': + break; - $standalone = 0; - require_once ('b2header.php'); + case "deletecomment": - get_currentuserinfo(); + $standalone = 1; + require_once("./b2header.php"); - if ($user_level == 0) { - die ('Cheatin’ uh?'); - } + if ($user_level == 0) + die ("Cheatin' uh ?"); - $comment = $HTTP_GET_VARS['comment']; - $commentdata = get_commentdata($comment, 1) or die('Oops, no comment with this ID. Go back!'); - $content = $commentdata['comment_content']; - $content = format_to_edit($content); + $comment = $HTTP_GET_VARS['comment']; + $p = $HTTP_GET_VARS['p']; + $commentdata=get_commentdata($comment) or die("Oops, no comment with this ID. Go back !"); - include('b2edit.form.php'); + $query = "DELETE FROM $tablecomments WHERE comment_ID=$comment"; + $result = mysql_query($query) or die("Oops, no comment with this ID. Go back !"); -break; + header ("Location: b2edit.php?p=$p&c=1#comments"); //?a=dc"); -case "deletecomment": + break; - $standalone = 1; - require_once("./b2header.php"); + case "editedcomment": - if ($user_level == 0) - die ("Cheatin' uh ?"); + $standalone = 1; + require_once("./b2header.php"); - $comment = $HTTP_GET_VARS['comment']; - $p = $HTTP_GET_VARS['p']; - $commentdata=get_commentdata($comment) or die("Oops, no comment with this ID. Go back !"); + if ($user_level == 0) + die ("Cheatin' uh ?"); - $query = "DELETE FROM $tablecomments WHERE comment_ID=$comment"; - $result = mysql_query($query) or die("Oops, no comment with this ID. Go back !"); + $comment_ID = $HTTP_POST_VARS['comment_ID']; + $comment_post_ID = $HTTP_POST_VARS['comment_post_ID']; + $newcomment_author = $HTTP_POST_VARS['newcomment_author']; + $newcomment_author_email = $HTTP_POST_VARS['newcomment_author_email']; + $newcomment_author_url = $HTTP_POST_VARS['newcomment_author_url']; + $newcomment_author = addslashes($newcomment_author); + $newcomment_author_email = addslashes($newcomment_author_email); + $newcomment_author_url = addslashes($newcomment_author_url); + $post_autobr = $HTTP_POST_VARS["post_autobr"]; - header ("Location: b2edit.php?p=$p&c=1#comments"); //?a=dc"); + if (($user_level > 4) && (!empty($HTTP_POST_VARS["edit_date"]))) { + $aa = $HTTP_POST_VARS["aa"]; + $mm = $HTTP_POST_VARS["mm"]; + $jj = $HTTP_POST_VARS["jj"]; + $hh = $HTTP_POST_VARS["hh"]; + $mn = $HTTP_POST_VARS["mn"]; + $ss = $HTTP_POST_VARS["ss"]; + $jj = ($jj > 31) ? 31 : $jj; + $hh = ($hh > 23) ? $hh - 24 : $hh; + $mn = ($mn > 59) ? $mn - 60 : $mn; + $ss = ($ss > 59) ? $ss - 60 : $ss; + $datemodif = ", comment_date=\"$aa-$mm-$jj $hh:$mn:$ss\""; + } else { + $datemodif = ""; + } + $content = balanceTags($content); + $content = format_to_post($content); -break; + $query = "UPDATE $tablecomments SET comment_content=\"$content\", comment_author=\"$newcomment_author\", comment_author_email=\"$newcomment_author_email\", comment_author_url=\"$newcomment_author_url\"".$datemodif." WHERE comment_ID=$comment_ID"; + $result = mysql_query($query) or mysql_oops($query); -case "editedcomment": + header ("Location: b2edit.php?p=$comment_post_ID&c=1#comments"); //?a=ec"); - $standalone = 1; - require_once("./b2header.php"); + break; - if ($user_level == 0) - die ("Cheatin' uh ?"); + default: - $comment_ID = $HTTP_POST_VARS['comment_ID']; - $comment_post_ID = $HTTP_POST_VARS['comment_post_ID']; - $newcomment_author = $HTTP_POST_VARS['newcomment_author']; - $newcomment_author_email = $HTTP_POST_VARS['newcomment_author_email']; - $newcomment_author_url = $HTTP_POST_VARS['newcomment_author_url']; - $newcomment_author = addslashes($newcomment_author); - $newcomment_author_email = addslashes($newcomment_author_email); - $newcomment_author_url = addslashes($newcomment_author_url); - $post_autobr = $HTTP_POST_VARS["post_autobr"]; + $standalone=0; + require_once ("./b2header.php"); - if (($user_level > 4) && (!empty($HTTP_POST_VARS["edit_date"]))) { - $aa = $HTTP_POST_VARS["aa"]; - $mm = $HTTP_POST_VARS["mm"]; - $jj = $HTTP_POST_VARS["jj"]; - $hh = $HTTP_POST_VARS["hh"]; - $mn = $HTTP_POST_VARS["mn"]; - $ss = $HTTP_POST_VARS["ss"]; - $jj = ($jj > 31) ? 31 : $jj; - $hh = ($hh > 23) ? $hh - 24 : $hh; - $mn = ($mn > 59) ? $mn - 60 : $mn; - $ss = ($ss > 59) ? $ss - 60 : $ss; - $datemodif = ", comment_date=\"$aa-$mm-$jj $hh:$mn:$ss\""; - } else { - $datemodif = ""; - } - $content = balanceTags($content); - $content = format_to_post($content); + if ($user_level > 0) { + if ((!$withcomments) && (!$c)) { - $query = "UPDATE $tablecomments SET comment_content=\"$content\", comment_author=\"$newcomment_author\", comment_author_email=\"$newcomment_author_email\", comment_author_url=\"$newcomment_author_url\"".$datemodif." WHERE comment_ID=$comment_ID"; - $result = mysql_query($query) or mysql_oops($query); + $action="post"; + include("b2edit.form.php"); + echo "

"; - header ("Location: b2edit.php?p=$comment_post_ID&c=1#comments"); //?a=ec"); + } -break; - -default: - - $standalone=0; - require_once ("./b2header.php"); - - if ($user_level > 0) { - if ((!$withcomments) && (!$c)) { - - $action="post"; - include("b2edit.form.php"); - echo "

"; - - } - - } else { - - echo $tabletop; ?> -

Since you're a newcomer, you'll have to wait for an admin to raise your level to 1, in order to be authorized to post.
You can also e-mail the admin to ask for a promotion.
When you're promoted, just reload this page and you'll be able to blog. :)

-
"; - - } - - include("b2edit.showposts.php"); - -} + } else { + echo $tabletop; +?> +

Since you're a newcomer, you'll have to wait for an admin to raise your level to 1, in order to be authorized to post.
You can also e-mail the admin to ask for a promotion.
When you're promoted, just reload this page and you'll be able to blog. :)

+
"; + } + include("b2edit.showposts.php"); + break; +} // end switch /*
*/ include("b2footer.php"); -?> +?> \ No newline at end of file