<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre, #msg p { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[11807] trunk/wp-admin: Fix bulk edit,
some cleanup and message fixes for moving in/out of the trash, see #4529</title>
</head>
<body>
<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/11807">11807</a></dd>
<dt>Author</dt> <dd>azaozz</dd>
<dt>Date</dt> <dd>2009-08-12 10:57:15 +0000 (Wed, 12 Aug 2009)</dd>
</dl>
<h3>Log Message</h3>
<pre>Fix bulk edit, some cleanup and message fixes for moving in/out of the trash, see <a href="http://trac.wordpress.org/ticket/4529">#4529</a></pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpadmineditpagesphp">trunk/wp-admin/edit-pages.php</a></li>
<li><a href="#trunkwpadmineditphp">trunk/wp-admin/edit.php</a></li>
<li><a href="#trunkwpadminincludespostphp">trunk/wp-admin/includes/post.php</a></li>
<li><a href="#trunkwpadminpagephp">trunk/wp-admin/page.php</a></li>
<li><a href="#trunkwpadminpostphp">trunk/wp-admin/post.php</a></li>
<li><a href="#trunkwpadminuploadphp">trunk/wp-admin/upload.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpadmineditpagesphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/edit-pages.php (11806 => 11807)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/edit-pages.php        2009-08-12 01:00:21 UTC (rev 11806)
+++ trunk/wp-admin/edit-pages.php        2009-08-12 10:57:15 UTC (rev 11807)
</span><span class="lines">@@ -13,17 +13,23 @@
</span><span class="cx">         wp_die(__('Cheatin&#8217; uh?'));
</span><span class="cx">
</span><span class="cx"> // Handle bulk actions
</span><del>-if ( isset($_GET['doaction']) || isset($_GET['doaction2']) || isset($_GET['delete_all']) || isset($_GET['delete_all2']) ) {
</del><ins>+if ( isset($_GET['doaction']) || isset($_GET['doaction2']) || isset($_GET['delete_all']) || isset($_GET['delete_all2']) || isset($_GET['bulk_edit']) ) {
</ins><span class="cx">         check_admin_referer('bulk-pages');
</span><del>-        
-        if (isset($_GET['delete_all']) || isset($_GET['delete_all2'])) {
-                $post_status = $wpdb->escape($_GET['post_status']);
-                $post_ids = $wpdb->get_col( "SELECT ID FROM $wpdb->posts WHERE post_type='page' AND post_status = '$post_status'" );
</del><ins>+        $sendback = wp_get_referer();
+
+        if ( strpos($sendback, 'page.php') !== false )
+                $sendback = admin_url('page-new.php');
+
+        if ( isset($_GET['delete_all']) || isset($_GET['delete_all2']) ) {
+                $post_status = preg_replace('/[^a-z0-9_-]+/i', '', $_GET['post_status']);
+                $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_type='page' AND post_status = %s", $post_status ) );
</ins><span class="cx">                 $doaction = 'delete';
</span><del>-        } elseif (($_GET['action'] != -1 || $_GET['action2'] != -1) && isset($_GET['post'])) {
-                $post_ids = $_GET['post'];
</del><ins>+        } elseif ( ($_GET['action'] != -1 || $_GET['action2'] != -1) && isset($_GET['post']) ) {
+                $post_ids = array_map( 'intval', (array) $_GET['post'] );
</ins><span class="cx">                 $doaction = ($_GET['action'] != -1) ? $_GET['action'] : $_GET['action2'];
</span><del>-        } else wp_redirect($_SERVER['HTTP_REFERER']);
</del><ins>+        } else {
+                wp_redirect( admin_url('edit-pages.php') );
+        }
</ins><span class="cx">
</span><span class="cx">         switch ( $doaction ) {
</span><span class="cx">                 case 'trash':
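Review bot: The new `else` branch calls `wp_redirect( admin_url('edit-pages.php') )` but does not stop execution, so the code falls through to `switch ( $doaction )` with `$doaction` and `$post_ids` never assigned. The later `wp_redirect($sendback)` then most likely replaces the Location header set here. Add an `exit();` right after the redirect inside the braces. The same applies to the `else` branch added in the edit.php section. The enclosing `if` block continues past this hunk.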
</span><span class="lines">@@ -37,64 +43,56 @@
</span><span class="cx">                                 
</span><span class="cx">                                 $trashed++;
</span><span class="cx">                         }
</span><ins>+                        $sendback = add_query_arg('trashed', $trashed, $sendback);
</ins><span class="cx">                         break;
</span><span class="cx">                 case 'untrash':
</span><span class="cx">                         $untrashed = 0;
</span><span class="cx">                         foreach( (array) $post_ids as $post_id ) {
</span><span class="cx">                                 if ( !current_user_can('delete_page', $post_id) )
</span><del>-                                        wp_die( __('You are not allowed to remove this page from the trash.') );
</del><ins>+                                        wp_die( __('You are not allowed to restore this page from the trash.') );
</ins><span class="cx">
</span><span class="cx">                                 if ( !wp_untrash_post($post_id) )
</span><del>-                                        wp_die( __('Error in removing from trash...') );
</del><ins>+                                        wp_die( __('Error in restoring from trash...') );
</ins><span class="cx">                                 
</span><span class="cx">                                 $untrashed++;
</span><span class="cx">                         }
</span><ins>+                        $sendback = add_query_arg('untrashed', $untrashed, $sendback);
</ins><span class="cx">                         break;
</span><span class="cx">                 case 'delete':
</span><span class="cx">                         $deleted = 0;
</span><del>-                        foreach( (array) $post_ids as $post_id_del ) {
-                                $post_del = & get_post($post_id_del);
</del><ins>+                        foreach( (array) $post_ids as $post_id ) {
+                                $post_del = & get_post($post_id);
</ins><span class="cx">
</span><del>-                                if ( !current_user_can('delete_page', $post_id_del) )
</del><ins>+                                if ( !current_user_can('delete_page', $post_id) )
</ins><span class="cx">                                         wp_die( __('You are not allowed to delete this page.') );
</span><span class="cx">
</span><span class="cx">                                 if ( $post_del->post_type == 'attachment' ) {
</span><del>-                                        if ( ! wp_delete_attachment($post_id_del) )
</del><ins>+                                        if ( ! wp_delete_attachment($post_id) )
</ins><span class="cx">                                                 wp_die( __('Error in deleting...') );
</span><span class="cx">                                 } else {
</span><del>-                                        if ( !wp_delete_post($post_id_del) )
</del><ins>+                                        if ( !wp_delete_post($post_id) )
</ins><span class="cx">                                                 wp_die( __('Error in deleting...') );
</span><span class="cx">                                 }
</span><span class="cx">                                 $deleted++;
</span><span class="cx">                         }
</span><ins>+                        $sendback = add_query_arg('deleted', $deleted, $sendback);
</ins><span class="cx">                         break;
</span><span class="cx">                 case 'edit':
</span><del>-                        if ( -1 == $_GET['_status'] ) {
-                                $_GET['post_status'] = null;
-                                unset($_GET['_status'], $_GET['post_status']);
-                        } else {
-                                $_GET['post_status'] = $_GET['_status'];
-                        }
-
</del><ins>+                        $_GET['post_type'] = 'page';
</ins><span class="cx">                         $done = bulk_edit_posts($_GET);
</span><ins>+
+                        if ( is_array($done) ) {
+                                $done['updated'] = count( $done['updated'] );
+                                $done['skipped'] = count( $done['skipped'] );
+                                $done['locked'] = count( $done['locked'] );
+                                $sendback = add_query_arg( $done, $sendback );
+                        }
</ins><span class="cx">                         break;
</span><span class="cx">         }
</span><span class="cx">
</span><del>-        $sendback = wp_get_referer();
-        if (strpos($sendback, 'page.php') !== false) $sendback = admin_url('page-new.php');
-        elseif (strpos($sendback, 'attachments.php') !== false) $sendback = admin_url('attachments.php');
-        if ( isset($done) ) {
-                $done['updated'] = count( $done['updated'] );
-                $done['skipped'] = count( $done['skipped'] );
-                $done['locked'] = count( $done['locked'] );
-                $sendback = add_query_arg( $done, $sendback );
-        }
-        if ( isset($deleted) )
-                $sendback = add_query_arg('deleted', $deleted, $sendback);
-        elseif ( isset($trashed) )
-                $sendback = add_query_arg('trashed', $trashed, $sendback);
-        elseif ( isset($untrashed) )
-                $sendback = add_query_arg('untrashed', $untrashed, $sendback);
</del><ins>+        if ( isset($_GET['action']) )
+                $sendback = remove_query_arg( array('action', 'action2', 'post_parent', 'page_template', 'post_author', 'comment_status', 'ping_status', '_status', 'post', 'bulk_edit', 'post_view', 'post_type'), $sendback );
+
</ins><span class="cx">         wp_redirect($sendback);
</span><span class="cx">         exit();
</span><span class="cx"> } elseif ( isset($_GET['_wp_http_referer']) && ! empty($_GET['_wp_http_referer']) ) {
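Review bot: The closing `wp_redirect($sendback)` sends the browser to a URL seeded from `wp_get_referer()`, which presumably reflects referer data supplied with the request. Only the `page.php` case is replaced with an `admin_url()` value. `check_admin_referer('bulk-pages')` runs earlier in the block, so this is defence in depth rather than an open hole, but `wp_safe_redirect($sendback);` would keep the target on the site's own host. It is also worth handling an empty referer by falling back to `admin_url('edit-pages.php')`. The edit.php section ends with the same pattern.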
</span><span class="lines">@@ -181,7 +179,7 @@
</span><span class="cx"> <?php $_SERVER['REQUEST_URI'] = remove_query_arg(array('posted'), $_SERVER['REQUEST_URI']);
</span><span class="cx"> endif; ?>
</span><span class="cx">
</span><del>-<form id="posts-filter" action="" method="get">
</del><ins>+<form id="posts-filter" action="<?php echo admin_url('edit-pages.php'); ?>" method="get">
</ins><span class="cx"> <ul class="subsubsub">
</span><span class="cx"> <?php
</span><span class="cx">
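Review bot: The new form `action` echoes `admin_url('edit-pages.php')` straight into an HTML attribute without output escaping. The value is site-derived rather than user input, but escaping at the point of output keeps the template safe if the URL is ever filtered or changed: `action="<?php echo esc_url( admin_url('edit-pages.php') ); ?>"`. The matching form tag in the edit.php section has the same shape.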
</span></span></pre></div>
<a id="trunkwpadmineditphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/edit.php (11806 => 11807)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/edit.php        2009-08-12 01:00:21 UTC (rev 11806)
+++ trunk/wp-admin/edit.php        2009-08-12 10:57:15 UTC (rev 11807)
</span><span class="lines">@@ -21,25 +21,29 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Handle bulk actions
</span><del>-if ( isset($_GET['doaction']) || isset($_GET['doaction2']) || isset($_GET['delete_all']) || isset($_GET['delete_all2']) ) {
</del><ins>+if ( isset($_GET['doaction']) || isset($_GET['doaction2']) || isset($_GET['delete_all']) || isset($_GET['delete_all2']) || isset($_GET['bulk_edit']) ) {
</ins><span class="cx">         check_admin_referer('bulk-posts');
</span><del>-        
</del><ins>+        $sendback = wp_get_referer();
+
+        if ( strpos($sendback, 'post.php') !== false )
+                $sendback = admin_url('post-new.php');
+
</ins><span class="cx">         if ( isset($_GET['delete_all']) || isset($_GET['delete_all2']) ) {
</span><del>-                $post_status = $wpdb->escape($_GET['post_status']);
-                $post_ids = $wpdb->get_col( "SELECT ID FROM $wpdb->posts WHERE post_type='post' AND post_status = '$post_status'" );
</del><ins>+                $post_status = preg_replace('/[^a-z0-9_-]+/i', '', $_GET['post_status']);
+                $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_type='post' AND post_status = %s", $post_status ) );
</ins><span class="cx">                 $doaction = 'delete';
</span><del>-        } elseif (($_GET['action'] != -1 || $_GET['action2'] != -1) && isset($_GET['post'])) {
-                $post_ids = $_GET['post'];
</del><ins>+        } elseif ( ($_GET['action'] != -1 || $_GET['action2'] != -1) && isset($_GET['post']) ) {
+                $post_ids = array_map( 'intval', (array) $_GET['post'] );
</ins><span class="cx">                 $doaction = ($_GET['action'] != -1) ? $_GET['action'] : $_GET['action2'];
</span><del>-        } else wp_redirect($_SERVER['HTTP_REFERER']);
-        
</del><ins>+        } else {
+                wp_redirect( admin_url('edit.php') );
+        }
+
</ins><span class="cx">         switch ( $doaction ) {
</span><span class="cx">                 case 'trash':
</span><span class="cx">                         $trashed = 0;
</span><span class="cx">                         foreach( (array) $post_ids as $post_id ) {
</span><del>-                                $post_del = & get_post($post_id);
-
-                                if ( !current_user_can('delete_post', $post_id_del) )
</del><ins>+                                if ( !current_user_can('delete_post', $post_id) )
</ins><span class="cx">                                         wp_die( __('You are not allowed to move this post to the trash.') );
</span><span class="cx">
</span><span class="cx">                                 if ( !wp_trash_post($post_id) )
</span><span class="lines">@@ -47,66 +51,55 @@
</span><span class="cx">                                 
</span><span class="cx">                                 $trashed++;
</span><span class="cx">                         }
</span><ins>+                        $sendback = add_query_arg('trashed', $trashed, $sendback);
</ins><span class="cx">                         break;
</span><span class="cx">                 case 'untrash':
</span><span class="cx">                         $untrashed = 0;
</span><span class="cx">                         foreach( (array) $post_ids as $post_id ) {
</span><del>-                                $post_del = & get_post($post_id);
</del><ins>+                                if ( !current_user_can('delete_post', $post_id) )
+                                        wp_die( __('You are not allowed to restore this post from the trash.') );
</ins><span class="cx">
</span><del>-                                if ( !current_user_can('delete_post', $post_id_del) )
-                                        wp_die( __('You are not allowed to remove this post from the trash.') );
-
</del><span class="cx">                                 if ( !wp_untrash_post($post_id) )
</span><del>-                                        wp_die( __('Error in removing from trash...') );
</del><ins>+                                        wp_die( __('Error in restoring from trash...') );
</ins><span class="cx">                                 
</span><span class="cx">                                 $untrashed++;
</span><span class="cx">                         }
</span><ins>+                        $sendback = add_query_arg('untrashed', $untrashed, $sendback);
</ins><span class="cx">                         break;
</span><span class="cx">                 case 'delete':
</span><span class="cx">                         $deleted = 0;
</span><del>-                        foreach( (array) $post_ids as $post_id_del ) {
-                                $post_del = & get_post($post_id_del);
</del><ins>+                        foreach( (array) $post_ids as $post_id ) {
+                                $post_del = & get_post($post_id);
</ins><span class="cx">
</span><del>-                                if ( !current_user_can('delete_post', $post_id_del) )
</del><ins>+                                if ( !current_user_can('delete_post', $post_id) )
</ins><span class="cx">                                         wp_die( __('You are not allowed to delete this post.') );
</span><span class="cx">
</span><span class="cx">                                 if ( $post_del->post_type == 'attachment' ) {
</span><del>-                                        if ( ! wp_delete_attachment($post_id_del) )
</del><ins>+                                        if ( ! wp_delete_attachment($post_id) )
</ins><span class="cx">                                                 wp_die( __('Error in deleting...') );
</span><span class="cx">                                 } else {
</span><del>-                                        if ( !wp_delete_post($post_id_del) )
</del><ins>+                                        if ( !wp_delete_post($post_id) )
</ins><span class="cx">                                                 wp_die( __('Error in deleting...') );
</span><span class="cx">                                 }
</span><span class="cx">                                 $deleted++;
</span><span class="cx">                         }
</span><ins>+                        $sendback = add_query_arg('deleted', $deleted, $sendback);
</ins><span class="cx">                         break;
</span><span class="cx">                 case 'edit':
</span><del>-                        if ( -1 == $_GET['_status'] ) {
-                                $_GET['post_status'] = null;
-                                unset($_GET['_status'], $_GET['post_status']);
-                        } else {
-                                $_GET['post_status'] = $_GET['_status'];
-                        }
-
</del><span class="cx">                         $done = bulk_edit_posts($_GET);
</span><ins>+
+                        if ( is_array($done) ) {
+                                $done['updated'] = count( $done['updated'] );
+                                $done['skipped'] = count( $done['skipped'] );
+                                $done['locked'] = count( $done['locked'] );
+                                $sendback = add_query_arg( $done, $sendback );
+                        }
</ins><span class="cx">                         break;
</span><span class="cx">         }
</span><span class="cx">
</span><del>-        $sendback = wp_get_referer();
-        if ( strpos($sendback, 'post.php') !== false ) $sendback = admin_url('post-new.php');
-        elseif ( strpos($sendback, 'attachments.php') !== false ) $sendback = admin_url('attachments.php');
-        if ( isset($done) ) {
-                $done['updated'] = count( $done['updated'] );
-                $done['skipped'] = count( $done['skipped'] );
-                $done['locked'] = count( $done['locked'] );
-                $sendback = add_query_arg( $done, $sendback );
-        }
-        if ( isset($deleted) )
-                $sendback = add_query_arg('deleted', $deleted, $sendback);
-        elseif ( isset($trashed) )
-                $sendback = add_query_arg('trashed', $trashed, $sendback);
-        elseif ( isset($untrashed) )
-                $sendback = add_query_arg('untrashed', $untrashed, $sendback);
</del><ins>+        if ( isset($_GET['action']) )
+                $sendback = remove_query_arg( array('action', 'action2', 'cat', 'tags_input', 'post_author', 'comment_status', 'ping_status', '_status', 'post', 'bulk_edit', 'post_view', 'post_type'), $sendback );
+
</ins><span class="cx">         wp_redirect($sendback);
</span><span class="cx">         exit();
</span><span class="cx"> } elseif ( isset($_GET['_wp_http_referer']) && ! empty($_GET['_wp_http_referer']) ) {
</span><span class="lines">@@ -179,7 +172,7 @@
</span><span class="cx"> </p></div>
</span><span class="cx"> <?php } ?>
</span><span class="cx">
</span><del>-<form id="posts-filter" action="" method="get">
</del><ins>+<form id="posts-filter" action="<?php echo admin_url('edit.php'); ?>" method="get">
</ins><span class="cx">
</span><span class="cx"> <ul class="subsubsub">
</span><span class="cx"> <?php
</span></span></pre></div>
<a id="trunkwpadminincludespostphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/post.php (11806 => 11807)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/post.php        2009-08-12 01:00:21 UTC (rev 11806)
+++ trunk/wp-admin/includes/post.php        2009-08-12 10:57:15 UTC (rev 11807)
</span><span class="lines">@@ -236,6 +236,14 @@
</span><span class="cx">                         wp_die( __('You are not allowed to edit posts.') );
</span><span class="cx">         }
</span><span class="cx">
</span><ins>+        if ( -1 == $post_data['_status'] ) {
+                $post_data['post_status'] = null;
+                unset($post_data['post_status']);
+        } else {
+                $post_data['post_status'] = $post_data['_status'];
+        }
+        unset($post_data['_status']);
+
</ins><span class="cx">         $post_IDs = array_map( 'intval', (array) $post_data['post'] );
</span><span class="cx">
</span><span class="cx">         $reset = array( 'post_author', 'post_status', 'post_password', 'post_parent', 'page_template', 'comment_status', 'ping_status', 'keep_private', 'tags_input', 'post_category', 'sticky' );
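Review bot: The added block reads `$post_data['_status']` without checking that the key exists, so a caller that omits it raises an undefined-index notice and takes the `else` path, which overwrites any `post_status` the caller passed with null. Guard the comparison, e.g. `if ( !isset($post_data['_status']) || -1 == $post_data['_status'] )`, and drop the redundant `= null` before the `unset()`. Unlike the `preg_replace` filter applied to `post_status` on the delete-all path, the value copied here is not restricted to known statuses. Whether later code in this function validates it, or checks the user's right to set it, is outside the hunk and should be confirmed.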
</span><span class="lines">@@ -298,7 +306,7 @@
</span><span class="cx">                 $post_data['ID'] = $post_ID;
</span><span class="cx">                 $updated[] = wp_update_post( $post_data );
</span><span class="cx">
</span><del>-                if ( current_user_can( 'edit_others_posts' ) && isset( $post_data['sticky'] ) ) {
</del><ins>+                if ( isset( $post_data['sticky'] ) && current_user_can( 'edit_others_posts' ) ) {
</ins><span class="cx">                         if ( 'sticky' == $post_data['sticky'] )
</span><span class="cx">                                 stick_post( $post_ID );
</span><span class="cx">                         else
</span></span></pre></div>
<a id="trunkwpadminpagephp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/page.php (11806 => 11807)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/page.php        2009-08-12 01:00:21 UTC (rev 11806)
+++ trunk/wp-admin/page.php        2009-08-12 10:57:15 UTC (rev 11807)
</span><span class="lines">@@ -52,8 +52,6 @@
</span><span class="cx">                 $location = add_query_arg( 'message', 3, wp_get_referer() );
</span><span class="cx">                 $location = explode('#', $location);
</span><span class="cx">                 $location = $location[0] . '#postcustom';
</span><del>-        } elseif ($action == 'editattachment') {
-                $location = 'attachments.php';
</del><span class="cx">         } else {
</span><span class="cx">                 $location = add_query_arg( 'message', 1, get_edit_post_link( $page_ID, 'url' ) );
</span><span class="cx">         }
</span><span class="lines">@@ -82,9 +80,15 @@
</span><span class="cx">         $page_ID = $post_ID = $p = (int) $_GET['post'];
</span><span class="cx">         $post = get_post_to_edit($page_ID);
</span><span class="cx">
</span><del>-        if ( empty($post->ID) ) wp_die( __('You attempted to edit a page that doesn&#8217;t exist. Perhaps it was deleted?') );
-        if ( $post->post_status == 'trash' ) wp_die( __('You can&#8217;t edit this page because it is in the Trash. Please move it out of the Trash and try again.') );
</del><ins>+        if ( empty($post->ID) )
+                wp_die( __('You attempted to edit a page that doesn&#8217;t exist. Perhaps it was deleted?') );
</ins><span class="cx">
</span><ins>+        if ( !current_user_can('edit_page', $page_ID) )
+                wp_die( __('You are not allowed to edit this page.') );
+
+        if ( 'trash' == $post->post_status )
+                wp_die( __('You can&#8217;t edit this page because it is in the Trash. Please move it out of the Trash and try again.') );
+
</ins><span class="cx">         if ( 'page' != $post->post_type ) {
</span><span class="cx">                 wp_redirect( get_edit_post_link( $post_ID, 'url' ) );
</span><span class="cx">                 exit();
</span><span class="lines">@@ -97,22 +101,17 @@
</span><span class="cx">         wp_enqueue_script('media-upload');
</span><span class="cx">         wp_enqueue_script('word-count');
</span><span class="cx">
</span><del>-        if ( current_user_can('edit_page', $page_ID) ) {
-                if ( $last = wp_check_post_lock( $post->ID ) ) {
-                        $last_user = get_userdata( $last );
-                        $last_user_name = $last_user ? $last_user->display_name : __('Somebody');
-                        $message = sprintf( __( 'Warning: %s is currently editing this page' ), esc_html( $last_user_name ) );
-                        $message = str_replace( "'", "\'", "<div class='error'><p>$message</p></div>" );
-                        add_action('admin_notices', create_function( '', "echo '$message';" ) );
-                } else {
-                        wp_set_post_lock( $post->ID );
-                        wp_enqueue_script('autosave');
-                }
</del><ins>+        if ( $last = wp_check_post_lock( $post->ID ) ) {
+                $last_user = get_userdata( $last );
+                $last_user_name = $last_user ? $last_user->display_name : __('Somebody');
+                $message = sprintf( __( 'Warning: %s is currently editing this page' ), esc_html( $last_user_name ) );
+                $message = str_replace( "'", "\'", "<div class='error'><p>$message</p></div>" );
+                add_action('admin_notices', create_function( '', "echo '$message';" ) );
+        } else {
+                wp_set_post_lock( $post->ID );
+                wp_enqueue_script('autosave');
</ins><span class="cx">         }
</span><span class="cx">
</span><del>-        if ( !current_user_can('edit_page', $page_ID) )
-                die ( __('You are not allowed to edit this page.') );
-
</del><span class="cx">         include('edit-page-form.php');
</span><span class="cx">         break;
</span><span class="cx">
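Review bot: The re-indented lock warning still builds PHP source from `$message` and hands it to `create_function()`, with only single quotes escaped by the `str_replace()`. Backslashes are left untouched, so a backslash directly before a quote in the translated string would change how the generated literal is parsed. Since this block is being moved anyway, consider registering a named callback that echoes the already-escaped message, so that no string is evaluated as code. The enclosing `case` starts above the hunk.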
</span><span class="lines">@@ -142,7 +141,7 @@
</span><span class="cx">         break;
</span><span class="cx">
</span><span class="cx"> case 'trash':
</span><del>-        $post_id = (isset($_GET['post'])) ? intval($_GET['post']) : intval($_POST['post_ID']);
</del><ins>+        $post_id = isset($_GET['post']) ? intval($_GET['post']) : intval($_POST['post_ID']);
</ins><span class="cx">         check_admin_referer('trash-page_' . $post_id);
</span><span class="cx">
</span><span class="cx">         $post = & get_post($post_id);
</span><span class="lines">@@ -151,38 +150,42 @@
</span><span class="cx">                 wp_die( __('You are not allowed to move this page to the trash.') );
</span><span class="cx">
</span><span class="cx">         if ( !wp_trash_post($post_id) )
</span><del>-                wp_die( __('Error in removing from trash...') );
</del><ins>+                wp_die( __('Error in moving to trash...') );
</ins><span class="cx">
</span><span class="cx">         $sendback = wp_get_referer();
</span><del>-        if (strpos($sendback, 'page.php') !== false) $sendback = admin_url('edit-pages.php?trashed=1');
-        elseif (strpos($sendback, 'attachments.php') !== false) $sendback = admin_url('attachments.php');
-        else $sendback = add_query_arg('trashed', 1, $sendback);
</del><ins>+        if ( strpos($sendback, 'page.php') !== false )
+                $sendback = admin_url('edit-pages.php?trashed=1');
+        else
+                $sendback = add_query_arg('trashed', 1, $sendback);
+
</ins><span class="cx">         wp_redirect($sendback);
</span><span class="cx">         exit();
</span><span class="cx">         break;
</span><span class="cx">
</span><span class="cx"> case 'untrash':
</span><del>-        $post_id = (isset($_GET['post'])) ? intval($_GET['post']) : intval($_POST['post_ID']);
</del><ins>+        $post_id = isset($_GET['post']) ? intval($_GET['post']) : intval($_POST['post_ID']);
</ins><span class="cx">         check_admin_referer('untrash-page_' . $post_id);
</span><span class="cx">
</span><span class="cx">         $post = & get_post($post_id);
</span><span class="cx">
</span><span class="cx">         if ( !current_user_can('delete_page', $page_id) )
</span><del>-                wp_die( __('You are not allowed to remove this page form the trash.') );
</del><ins>+                wp_die( __('You are not allowed to move this page out of the trash.') );
</ins><span class="cx">
</span><span class="cx">         if ( !wp_untrash_post($post_id) )
</span><del>-                wp_die( __('Error in removing from trash...') );
</del><ins>+                wp_die( __('Error in restoring from trash...') );
</ins><span class="cx">
</span><span class="cx">         $sendback = wp_get_referer();
</span><del>-        if (strpos($sendback, 'page.php') !== false) $sendback = admin_url('edit-pages.php?untrashed=1');
-        elseif (strpos($sendback, 'attachments.php') !== false) $sendback = admin_url('attachments.php');
-        else $sendback = add_query_arg('untrashed', 1, $sendback);
</del><ins>+        if ( strpos($sendback, 'page.php') !== false )
+                $sendback = admin_url('edit-pages.php?untrashed=1');
+        else
+                $sendback = add_query_arg('untrashed', 1, $sendback);
+
</ins><span class="cx">         wp_redirect($sendback);
</span><span class="cx">         exit();
</span><span class="cx">         break;
</span><span class="cx">
</span><span class="cx"> case 'delete':
</span><del>-        $page_id = (isset($_GET['post'])) ? intval($_GET['post']) : intval($_POST['post_ID']);
</del><ins>+        $page_id = isset($_GET['post']) ? intval($_GET['post']) : intval($_POST['post_ID']);
</ins><span class="cx">         check_admin_referer('delete-page_' . $page_id);
</span><span class="cx">
</span><span class="cx">         $page = & get_post($page_id);
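Review bot: In the `untrash` case the capability check is `current_user_can('delete_page', $page_id)`, but this case assigns `$post_id`, not `$page_id`. Unless `$page_id` is set above the hunk, the permission is evaluated against an undefined value rather than the page being restored. This commit touches the line directly below to reword the message, so the check should be corrected at the same time: `if ( !current_user_can('delete_page', $post_id) )`. The `trash` case's check sits above the visible context and deserves the same look.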
</span><span class="lines">@@ -199,9 +202,11 @@
</span><span class="cx">         }
</span><span class="cx">
</span><span class="cx">         $sendback = wp_get_referer();
</span><del>-        if (strpos($sendback, 'page.php') !== false) $sendback = admin_url('edit-pages.php?deleted=1');
-        elseif (strpos($sendback, 'attachments.php') !== false) $sendback = admin_url('attachments.php');
-        else $sendback = add_query_arg('deleted', 1, $sendback);
</del><ins>+        if ( strpos($sendback, 'page.php') !== false )
+                $sendback = admin_url('edit-pages.php?deleted=1');
+        else
+                $sendback = add_query_arg('deleted', 1, $sendback);
+
</ins><span class="cx">         wp_redirect($sendback);
</span><span class="cx">         exit();
</span><span class="cx">         break;
</span></span></pre></div>
<a id="trunkwpadminpostphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/post.php (11806 => 11807)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/post.php        2009-08-12 01:00:21 UTC (rev 11806)
+++ trunk/wp-admin/post.php        2009-08-12 10:57:15 UTC (rev 11807)
</span><span class="lines">@@ -55,8 +55,6 @@
</span><span class="cx">                 $location = add_query_arg( 'message', 3, wp_get_referer() );
</span><span class="cx">                 $location = explode('#', $location);
</span><span class="cx">                 $location = $location[0] . '#postcustom';
</span><del>-        } elseif ($action == 'editattachment') {
-                $location = 'attachments.php';
</del><span class="cx">         } elseif ( 'post-quickpress-save-cont' == $_POST['action'] ) {
</span><span class="cx">                 $location = "post.php?action=edit&post=$post_ID&message=7";
</span><span class="cx">         } else {
</span><span class="lines">@@ -115,9 +113,15 @@
</span><span class="cx">         $post_ID = $p = (int) $_GET['post'];
</span><span class="cx">         $post = get_post($post_ID);
</span><span class="cx">
</span><del>-        if ( empty($post->ID) ) wp_die( __('You attempted to edit a post that doesn&#8217;t exist. Perhaps it was deleted?') );
-        if ( $post->post_status == 'trash' ) wp_die( __('You can&#8217;t edit this post because it is in the Trash. Please move it out of the Trash and try again.') );
</del><ins>+        if ( empty($post->ID) )
+                wp_die( __('You attempted to edit a post that doesn&#8217;t exist. Perhaps it was deleted?') );
</ins><span class="cx">
</span><ins>+        if ( !current_user_can('edit_post', $post_ID) )
+                wp_die( __('You are not allowed to edit this post.') );
+
+        if ( 'trash' == $post->post_status )
+                wp_die( __('You can&#8217;t edit this post because it is in the Trash. Please restore it and try again.') );
+
</ins><span class="cx">         if ( 'post' != $post->post_type ) {
</span><span class="cx">                 wp_redirect( get_edit_post_link( $post->ID, 'url' ) );
</span><span class="cx">                 exit();
</span><span class="lines">@@ -132,24 +136,18 @@
</span><span class="cx">         wp_enqueue_script( 'admin-comments' );
</span><span class="cx">         enqueue_comment_hotkeys_js();
</span><span class="cx">
</span><del>-        if ( current_user_can('edit_post', $post_ID) ) {
-                if ( $last = wp_check_post_lock( $post->ID ) ) {
-                        $last_user = get_userdata( $last );
-                        $last_user_name = $last_user ? $last_user->display_name : __('Somebody');
-                        $message = sprintf( __( 'Warning: %s is currently editing this post' ), esc_html( $last_user_name ) );
-                        $message = str_replace( "'", "\'", "<div class='error'><p>$message</p></div>" );
-                        add_action('admin_notices', create_function( '', "echo '$message';" ) );
-                } else {
-                        wp_set_post_lock( $post->ID );
-                        wp_enqueue_script('autosave');
-                }
</del><ins>+        if ( $last = wp_check_post_lock( $post->ID ) ) {
+                $last_user = get_userdata( $last );
+                $last_user_name = $last_user ? $last_user->display_name : __('Somebody');
+                $message = sprintf( __( 'Warning: %s is currently editing this post' ), esc_html( $last_user_name ) );
+                $message = str_replace( "'", "\'", "<div class='error'><p>$message</p></div>" );
+                add_action('admin_notices', create_function( '', "echo '$message';" ) );
+        } else {
+                wp_set_post_lock( $post->ID );
+                wp_enqueue_script('autosave');
</ins><span class="cx">         }
</span><span class="cx">
</span><span class="cx">         $title = __('Edit Post');
</span><del>-
-        if ( !current_user_can('edit_post', $post_ID) )
-                die ( __('You are not allowed to edit this post.') );
-
</del><span class="cx">         $post = get_post_to_edit($post_ID);
</span><span class="cx">
</span><span class="cx">         include('edit-form-advanced.php');
</span><span class="lines">@@ -183,7 +181,7 @@
</span><span class="cx">         break;
</span><span class="cx">
</span><span class="cx"> case 'trash':
</span><del>-        $post_id = (isset($_GET['post'])) ? intval($_GET['post']) : intval($_POST['post_ID']);
</del><ins>+        $post_id = isset($_GET['post']) ? intval($_GET['post']) : intval($_POST['post_ID']);
</ins><span class="cx">         check_admin_referer('trash-post_' . $post_id);
</span><span class="cx">
</span><span class="cx">         $post = & get_post($post_id);
</span><span class="lines">@@ -195,29 +193,33 @@
</span><span class="cx">                 wp_die( __('Error in moving to trash...') );
</span><span class="cx">
</span><span class="cx">         $sendback = wp_get_referer();
</span><del>-        if (strpos($sendback, 'post.php') !== false) $sendback = admin_url('edit.php?trashed=1');
-        elseif (strpos($sendback, 'attachments.php') !== false) $sendback = admin_url('attachments.php');
-        else $sendback = add_query_arg('trashed', 1, $sendback);
</del><ins>+        if ( strpos($sendback, 'post.php') !== false )
+                $sendback = admin_url('edit.php?trashed=1');
+        else
+                $sendback = add_query_arg('trashed', 1, $sendback);
+
</ins><span class="cx">         wp_redirect($sendback);
</span><span class="cx">         exit();
</span><span class="cx">         break;
</span><span class="cx">
</span><span class="cx"> case 'untrash':
</span><del>-        $post_id = (isset($_GET['post'])) ? intval($_GET['post']) : intval($_POST['post_ID']);
</del><ins>+        $post_id = isset($_GET['post']) ? intval($_GET['post']) : intval($_POST['post_ID']);
</ins><span class="cx">         check_admin_referer('untrash-post_' . $post_id);
</span><span class="cx">
</span><span class="cx">         $post = & get_post($post_id);
</span><span class="cx">
</span><span class="cx">         if ( !current_user_can('delete_post', $post_id) )
</span><del>-                wp_die( __('You are not allowed to remove this post from the trash.') );
</del><ins>+                wp_die( __('You are not allowed to move this post out of the trash.') );
</ins><span class="cx">
</span><span class="cx">         if ( ! wp_untrash_post($post_id) )
</span><del>-                wp_die( __('Error in removing from trash...') );
</del><ins>+                wp_die( __('Error in restoring from trash...') );
</ins><span class="cx">
</span><span class="cx">         $sendback = wp_get_referer();
</span><del>-        if (strpos($sendback, 'post.php') !== false) $sendback = admin_url('edit.php?untrashed=1');
-        elseif (strpos($sendback, 'attachments.php') !== false) $sendback = admin_url('attachments.php');
-        else $sendback = add_query_arg('untrashed', 1, $sendback);
</del><ins>+        if ( strpos($sendback, 'post.php') !== false )
+                $sendback = admin_url('edit.php?untrashed=1');
+        else
+                $sendback = add_query_arg('untrashed', 1, $sendback);
+
</ins><span class="cx">         wp_redirect($sendback);
</span><span class="cx">         exit();
</span><span class="cx">         break;
</span><span class="lines">@@ -240,9 +242,11 @@
</span><span class="cx">         }
</span><span class="cx">
</span><span class="cx">         $sendback = wp_get_referer();
</span><del>-        if (strpos($sendback, 'post.php') !== false) $sendback = admin_url('edit.php?deleted=1');
-        elseif (strpos($sendback, 'attachments.php') !== false) $sendback = admin_url('attachments.php');
-        else $sendback = add_query_arg('deleted', 1, $sendback);
</del><ins>+        if ( strpos($sendback, 'post.php') !== false )
+                $sendback = admin_url('edit.php?deleted=1');
+        else
+                $sendback = add_query_arg('deleted', 1, $sendback);
+
</ins><span class="cx">         wp_redirect($sendback);
</span><span class="cx">         exit();
</span><span class="cx">         break;
</span></span></pre></div>
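Review bot: The rewritten `$sendback` blocks in the `trash`, `untrash` and `delete` cases of post.php still pass a value derived from `wp_get_referer()` straight to `wp_redirect()`, so the redirect target comes from request data with no host check and no handling of a missing referer. Unless `wp_get_referer()` is known to validate its result, `wp_safe_redirect($sendback);` would keep the redirect on allowed hosts. The condition could also be written `if ( !$sendback || strpos($sendback, 'post.php') !== false )`, so that an absent referer takes the `admin_url(...)` branch instead of being handed to `add_query_arg()`. The page.php hunks earlier on this page use the same pattern. Each `case` body starts outside its hunk, so this is based only on the visible lines.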
<a id="trunkwpadminuploadphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/upload.php (11806 => 11807)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/upload.php        2009-08-12 01:00:21 UTC (rev 11806)
+++ trunk/wp-admin/upload.php        2009-08-12 10:57:15 UTC (rev 11807)
</span><span class="lines">@@ -11,13 +11,13 @@
</span><span class="cx"> wp_enqueue_script( 'wp-ajax-response' );
</span><span class="cx"> wp_enqueue_script( 'jquery-ui-draggable' );
</span><span class="cx">
</span><del>-if (!current_user_can('upload_files'))
</del><ins>+if ( !current_user_can('upload_files') )
</ins><span class="cx">         wp_die(__('You do not have permission to upload files.'));
</span><span class="cx">
</span><del>-if ( isset($_GET['find_detached'] ) ) {
</del><ins>+if ( isset($_GET['find_detached']) ) {
</ins><span class="cx">         check_admin_referer('bulk-media');
</span><span class="cx">
</span><del>-        if ( ! current_user_can('edit_posts') )
</del><ins>+        if ( !current_user_can('edit_posts') )
</ins><span class="cx">                 wp_die( __('You are not allowed to scan for lost attachments.') );
</span><span class="cx">
</span><span class="cx">         $all_posts = $wpdb->get_col("SELECT ID FROM $wpdb->posts WHERE post_type = 'post' OR post_type = 'page'");
</span><span class="lines">@@ -99,7 +99,7 @@
</span><span class="cx">                 case 'untrash':
</span><span class="cx">                         foreach( (array) $post_ids as $post_id ) {
</span><span class="cx">                                 if ( !current_user_can('delete_post', $post_id) )
</span><del>-                                        wp_die( __('You are not allowed to remove this post from the trash.') );
</del><ins>+                                        wp_die( __('You are not allowed to move this post out of the trash.') );
</ins><span class="cx">                                 
</span><span class="cx">                                 if ( !wp_untrash_post($post_id) )
</span><span class="cx">                                         wp_die( __('Error in restoring from trash...') );
</span></span></pre>
</div>
</div>
</body>
</html>