mp-wp_genesis           1 <?php
mp-wp_genesis 2 /**
mp-wp_genesis 3 * WordPress AJAX Process Execution.
mp-wp_genesis 4 *
mp-wp_genesis 5 * @package WordPress
mp-wp_genesis 6 * @subpackage Administration
mp-wp_genesis 7 */
mp-wp_genesis 8
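/**
 * Bootstrap for the admin AJAX endpoint.
 *
 * Both constants are defined before the application is loaded, so everything
 * pulled in by the two includes below can test for them.
 *
 * @since unknown
 */
define('DOING_AJAX', true);
define('WP_ADMIN', true);

// Anchor both includes to this file's own directory. A bare relative path is
// resolved through the working directory / include_path, so which file gets
// loaded would otherwise depend on how the script was started.
require_once( dirname( __FILE__ ) . '/../wp-load.php' );
require_once( dirname( __FILE__ ) . '/includes/admin.php' );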
mp-wp_genesis 19
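// Gate: a request without a logged-in session never reaches the dispatch below.
// The only extra work done for it is a "you are logged out" reply to autosave.
if ( ! is_user_logged_in() ) {

	// isset() first: an anonymous request may carry no 'action' field at all, and
	// reading the missing index would raise a notice (a possible path leak when
	// errors are displayed) before the script exits.
	if ( isset( $_POST['action'] ) && 'autosave' === $_POST['action'] ) {
		$id = isset($_POST['post_ID'])? (int) $_POST['post_ID'] : 0;

		if ( ! $id )
			die('-1');

		// Only the integer-cast post id and a fixed message go back to the caller.
		$message = sprintf( __('<strong>ALERT: You are logged out!</strong> Could not save draft. <a href="%s" target="blank">Please log in again.</a>'), wp_login_url() );
		$x = new WP_Ajax_Response( array(
			'what' => 'autosave',
			'id' => $id,
			'data' => $message
		) );
		$x->send();
	}

	die('-1');
}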
mp-wp_genesis 39
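// GET requests: tag autocomplete, or whatever is registered on a wp_ajax_* hook.
// Every GET action ends the request; the POST dispatch further down is not reached.
if ( isset( $_GET['action'] ) ) :
switch ( $action = $_GET['action'] ) :
case 'ajax-tag-search' :
	if ( !current_user_can( 'manage_categories' ) )
		die('-1');

	// Work on the unslashed text whether or not the request data arrived slashed
	// (the original comment was unsure); prepare() below does the only escaping.
	$s = ( isset( $_GET['q'] ) && is_string( $_GET['q'] ) ) ? stripslashes( $_GET['q'] ) : '';

	// Only the text after the last comma is being completed.
	if ( false !== strpos( $s, ',' ) ) {
		$s = explode( ',', $s );
		$s = $s[count( $s ) - 1];
	}
	$s = trim( $s );
	if ( strlen( $s ) < 2 )
		die; // require 2 chars for matching

	// Escape LIKE wildcards so the typed text matches literally, then bind the
	// pattern as a parameter instead of concatenating request data into the SQL.
	$like = '%' . addcslashes( $s, '_%\\' ) . '%';
	$results = $wpdb->get_col( $wpdb->prepare( "SELECT t.name FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = 'post_tag' AND t.name LIKE (%s)", $like ) );

	// NOTE(review): names are echoed exactly as stored, one per line; confirm the
	// consumer inserts them as text and not as markup.
	echo implode( "\n", (array) $results );
	die;
	break;
default :
	// The hook name is built from the request. Nothing here checks a nonce or a
	// capability, so each handler attached to a wp_ajax_* hook has to do both itself.
	do_action( 'wp_ajax_' . $_GET['action'] );
	die('0');
	break;
endswitch;
endif;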
mp-wp_genesis 65
mp-wp_genesis 66 $id = isset($_POST['id'])? (int) $_POST['id'] : 0;
mp-wp_genesis 67 switch ( $action = $_POST['action'] ) :
case 'delete-comment' :
	// The nonce action embeds the comment id and is verified before any lookup.
	check_ajax_referer( "delete-comment_$id" );
	$comment = get_comment( $id );
	if ( !$comment )
		die('1'); // no such comment: same reply as a completed delete

	// Permission comes from the post the stored comment belongs to.
	if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
		die('-1');

	$mark_as_spam = isset($_POST['spam']) && 1 == $_POST['spam'];
	if ( $mark_as_spam ) {
		if ( 'spam' == wp_get_comment_status( $comment->comment_ID ) )
			die('1'); // already flagged
		$r = wp_set_comment_status( $comment->comment_ID, 'spam' );
	} else {
		$r = wp_delete_comment( $comment->comment_ID );
	}

	if ( $r )
		die('1');
	die('0');
	break;
case 'delete-cat' :
	// Nonce first, then the capability; neither depends on the category existing.
	check_ajax_referer( "delete-category_$id" );
	if ( !current_user_can( 'manage_categories' ) )
		die('-1');

	$cat = get_category( $id );
	// Missing category or failed lookup: reply '1' without attempting a delete.
	if ( is_wp_error( $cat ) || !$cat )
		die('1');

	die( wp_delete_category( $id ) ? '1' : '0' );
	break;
case 'delete-tag' :
	// Nonce is specific to this tag id; the capability is the category one.
	check_ajax_referer( "delete-tag_$id" );
	if ( !current_user_can( 'manage_categories' ) )
		die('-1');

	$tag = get_term( $id, 'post_tag' );
	// Missing tag or failed lookup: reply '1' without attempting a delete.
	if ( is_wp_error( $tag ) || !$tag )
		die('1');

	die( wp_delete_term($id, 'post_tag') ? '1' : '0' );
	break;
case 'delete-link-cat' :
	check_ajax_referer( "delete-link-category_$id" );
	if ( !current_user_can( 'manage_categories' ) )
		die('-1');

	$cat = get_term( $id, 'link_category' );
	if ( is_wp_error( $cat ) || !$cat )
		die('1');

	$cat_name = get_term_field('name', $id, 'link_category');

	// Don't delete the default cats.
	// NOTE(review): the delete further down is skipped only if send() ends the
	// request; nothing in this block stops it otherwise. Confirm.
	$is_default_cat = ( $id == get_option('default_link_category') );
	if ( $is_default_cat ) {
		$x = new WP_AJAX_Response( array(
			'what' => 'link-cat',
			'id' => $id,
			'data' => new WP_Error( 'default-link-cat', sprintf(__("Can&#8217;t delete the <strong>%s</strong> category: this is the default one"), $cat_name) )
		) );
		$x->send();
	}

	$r = wp_delete_term($id, 'link_category');
	// An error object is reported in full; any other falsy result is a plain '0'.
	if ( is_wp_error($r) ) {
		$x = new WP_AJAX_Response( array(
			'what' => 'link-cat',
			'id' => $id,
			'data' => $r
		) );
		$x->send();
	}
	if ( !$r )
		die('0');
	die('1');
	break;
case 'delete-link' :
	// Nonce action uses the "bookmark" wording although the case is 'delete-link'.
	check_ajax_referer( "delete-bookmark_$id" );
	if ( !current_user_can( 'manage_links' ) )
		die('-1');

	$link = get_bookmark( $id );
	// Missing link or failed lookup: reply '1' without attempting a delete.
	if ( is_wp_error( $link ) || !$link )
		die('1');

	die( wp_delete_link( $id ) ? '1' : '0' );
	break;
case 'delete-meta' :
	check_ajax_referer( "delete-meta_$id" );
	$meta = get_post_meta_by_id( $id );
	if ( !$meta )
		die('1'); // no such row: nothing to do

	// The right to delete is taken from the post that owns the stored row,
	// not from anything the request says about the post.
	if ( !current_user_can( 'edit_post', $meta->post_id ) )
		die('-1');

	die( delete_meta( $meta->meta_id ) ? '1' : '0' );
	break;
case 'delete-post' :
	// Nonce action is "<action>_<id>", i.e. bound to this operation on this post.
	check_ajax_referer( "{$action}_$id" );
	if ( !current_user_can( 'delete_post', $id ) )
		die('-1');

	$existing_post = get_post( $id );
	if ( !$existing_post )
		die('1'); // already gone

	die( wp_delete_post( $id ) ? '1' : '0' );
	break;
case 'delete-page' :
	// Same shape as 'delete-post', with the page capability and page lookup.
	check_ajax_referer( "{$action}_$id" );
	if ( !current_user_can( 'delete_page', $id ) )
		die('-1');

	$existing_page = get_page( $id );
	if ( !$existing_page )
		die('1'); // already gone

	die( wp_delete_post( $id ) ? '1' : '0' );
	break;
case 'dim-comment' :
	// Toggles a comment between approved and held.
	$comment = get_comment( $id );
	if ( !$comment )
		die('0');

	// Two rights are required: editing the owning post and moderating comments.
	if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) || !current_user_can( 'moderate_comments' ) )
		die('-1');

	$current = wp_get_comment_status( $comment->comment_ID );
	if ( $_POST['new'] == $current )
		die('1'); // already in the requested state

	// The nonce action depends on the direction of the change, so it is verified
	// here, after the current status has been read, and before any write.
	$is_held = in_array( $current, array( 'unapproved', 'spam' ) );
	if ( $is_held ) {
		check_ajax_referer( "approve-comment_$id" );
		$target_status = 'approve';
	} else {
		check_ajax_referer( "unapprove-comment_$id" );
		$target_status = 'hold';
	}

	die( wp_set_comment_status( $comment->comment_ID, $target_status ) ? '1' : '0' );
	break;
case 'add-category' : // On the Fly
	check_ajax_referer( $action );
	if ( !current_user_can( 'manage_categories' ) )
		die('-1');

	$names = explode(',', $_POST['newcat']);

	// Parent id: integer cast, negatives clamped to "no parent".
	$parent = (int) $_POST['newcat_parent'];
	if ( $parent < 0 )
		$parent = 0;

	// Both id lists are forced through absint before they are used.
	$post_category = isset($_POST['post_category'])? (array) $_POST['post_category'] : array();
	$checked_categories = array_map( 'absint', (array) $post_category );
	if ( isset( $_POST['popular_ids'] ) )
		$popular_ids = array_map( 'absint', explode( ',', $_POST['popular_ids'] ) );
	else
		$popular_ids = false;

	$x = new WP_Ajax_Response();
	foreach ( $names as $cat_name ) {
		$cat_name = trim($cat_name);
		$category_nicename = sanitize_title($cat_name);
		// A name that sanitises to an empty slug is dropped.
		if ( '' === $category_nicename )
			continue;
		$cat_id = wp_create_category( $cat_name, $parent );
		$checked_categories[] = $cat_id;
		if ( $parent ) // Do these all at once in a second
			continue;
		$category = get_category( $cat_id );
		// Capture the checklist markup instead of letting it print.
		ob_start();
		wp_category_checklist( 0, $cat_id, $checked_categories, $popular_ids );
		$data = ob_get_clean();
		$x->add( array(
			'what' => 'category',
			'id' => $cat_id,
			'data' => $data,
			'position' => -1
		) );
	}

	if ( $parent ) { // Foncy - replace the parent and all its children
		$parent = get_category( $parent );
		ob_start();
		dropdown_categories( 0, $parent );
		$data = ob_get_clean();
		$x->add( array(
			'what' => 'category',
			'id' => $parent->term_id,
			'old_id' => $parent->term_id,
			'data' => $data,
			'position' => -1
		) );
	}
	$x->send();
	break;
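case 'add-link-category' : // On the Fly
	// Creates (or reuses) one link category per comma-separated name and returns
	// a checkbox row for each.
	check_ajax_referer( $action );
	if ( !current_user_can( 'manage_categories' ) )
		die('-1');
	$names = explode(',', $_POST['newcat']);
	$x = new WP_Ajax_Response();
	foreach ( $names as $cat_name ) {
		$cat_name = trim($cat_name);
		$slug = sanitize_title($cat_name);
		if ( '' === $slug )
			continue;
		if ( !$cat_id = is_term( $cat_name, 'link_category' ) ) {
			$cat_id = wp_insert_term( $cat_name, 'link_category' );
		}
		// wp_insert_term() can hand back an error object (the 'add-link-cat' case
		// tests for one); indexing it as an array would abort the whole request,
		// so a name that could not be created is skipped.
		if ( is_wp_error( $cat_id ) || !is_array( $cat_id ) )
			continue;
		// Integer cast: the id is written into several HTML attributes below.
		$cat_id = (int) $cat_id['term_id'];
		// The name is request data; it is unslashed and HTML-escaped before output.
		$cat_name = wp_specialchars(stripslashes($cat_name));
		$x->add( array(
			'what' => 'link-category',
			'id' => $cat_id,
			'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>",
			'position' => -1
		) );
	}
	$x->send();
	break;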
case 'add-cat' : // From Manage->Categories
	// Shares its nonce action with the on-the-fly 'add-category' case.
	check_ajax_referer( 'add-category' );
	if ( !current_user_can( 'manage_categories' ) )
		die('-1');

	$requested_name = trim( $_POST['cat_name'] );

	if ( '' === $requested_name ) {
		$x = new WP_Ajax_Response( array(
			'what' => 'cat',
			'id' => new WP_Error( 'cat_name', __('You did not enter a category name.') )
		) );
		$x->send();
	}

	if ( category_exists( $requested_name ) ) {
		$x = new WP_Ajax_Response( array(
			'what' => 'cat',
			'id' => new WP_Error( 'cat_exists', __('The category you are trying to create already exists.'), array( 'form-field' => 'cat_name' ) ),
		) );
		$x->send();
	}

	// NOTE(review): the whole $_POST array is handed over; which fields are
	// honoured is decided inside wp_insert_category(), not here. Verify.
	$cat = wp_insert_category( $_POST, true );

	if ( is_wp_error($cat) ) {
		$x = new WP_Ajax_Response( array(
			'what' => 'cat',
			'id' => $cat
		) );
		$x->send();
	}

	if ( !$cat || (!$cat = get_category( $cat )) )
		die('0');

	// Walk up the parent chain to build "ancestor — ... — name" and count depth.
	$cat_full_name = $cat->name;
	for ( $level = 0, $_cat = $cat; $_cat->parent; $level++ ) {
		$_cat = get_category( $_cat->parent );
		$cat_full_name = $_cat->name . ' &#8212; ' . $cat_full_name;
	}
	// Escaped once here; the same escaped value is reused in the link below.
	$cat_full_name = attribute_escape($cat_full_name);

	$x = new WP_Ajax_Response( array(
		'what' => 'cat',
		'id' => $cat->term_id,
		'position' => -1,
		'data' => _cat_row( $cat, $level, $cat_full_name ),
		'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category <a href="#%s">%s</a> added' ), "cat-$cat->term_id", $cat_full_name))
	) );
	$x->send();
	break;
case 'add-link-cat' : // From Blogroll -> Categories
	check_ajax_referer( 'add-link-category' );
	if ( !current_user_can( 'manage_categories' ) )
		die('-1');

	$requested_name = trim($_POST['name']);
	if ( '' === $requested_name ) {
		$x = new WP_Ajax_Response( array(
			'what' => 'link-cat',
			'id' => new WP_Error( 'name', __('You did not enter a category name.') )
		) );
		$x->send();
	}

	// NOTE(review): $_POST is passed whole as the argument array; the fields
	// that take effect are chosen inside wp_insert_term(). Verify.
	$r = wp_insert_term($_POST['name'], 'link_category', $_POST );
	if ( is_wp_error( $r ) ) {
		$x = new WP_AJAX_Response( array(
			'what' => 'link-cat',
			'id' => $r
		) );
		$x->send();
	}

	// Unpacks the result into variables ($term_id is read below). EXTR_SKIP
	// leaves any variable that already exists untouched.
	extract($r, EXTR_SKIP);

	$link_cat = link_cat_row( $term_id );
	if ( !$link_cat )
		die('0');

	$x = new WP_Ajax_Response( array(
		'what' => 'link-cat',
		'id' => $term_id,
		'position' => -1,
		'data' => $link_cat
	) );
	$x->send();
	break;
case 'add-tag' : // From Manage->Tags
	check_ajax_referer( 'add-tag' );
	if ( !current_user_can( 'manage_categories' ) )
		die('-1');

	$requested_name = trim($_POST['name']);
	if ( '' === $requested_name ) {
		$x = new WP_Ajax_Response( array(
			'what' => 'tag',
			'id' => new WP_Error( 'name', __('You did not enter a tag name.') )
		) );
		$x->send();
	}

	// NOTE(review): $_POST is passed whole as the argument array; the fields
	// that take effect are chosen inside wp_insert_term(). Verify.
	$tag = wp_insert_term($_POST['name'], 'post_tag', $_POST );

	if ( is_wp_error($tag) ) {
		$x = new WP_Ajax_Response( array(
			'what' => 'tag',
			'id' => $tag
		) );
		$x->send();
	}

	if ( !$tag || (!$tag = get_term( $tag['term_id'], 'post_tag' )) )
		die('0');

	// The stored name is escaped before it is placed in the response markup.
	$tag_full_name = attribute_escape( $tag->name );

	$x = new WP_Ajax_Response( array(
		'what' => 'tag',
		'id' => $tag->term_id,
		'position' => '-1',
		'data' => _tag_row( $tag ),
		'supplemental' => array('name' => $tag_full_name, 'show-link' => sprintf(__( 'Tag <a href="#%s">%s</a> added' ), "tag-$tag->term_id", $tag_full_name))
	) );
	$x->send();
	break;
case 'get-tagcloud' :
	// Read-only: no nonce is checked here, only the capability.
	if ( !current_user_can( 'manage_categories' ) )
		die('-1');

	// The 45 most used tags, most used first.
	$tags = get_tags( array( 'number' => 45, 'orderby' => 'count', 'order' => 'DESC' ) );

	if ( !$tags )
		die( __('No tags found!') );

	// Give every tag a dummy link and an id field before the cloud is generated.
	foreach ( $tags as $key => $tag ) {
		$tags[ $key ]->link = '#';
		$tags[ $key ]->id = $tag->term_id;
	}

	$return = wp_generate_tag_cloud( $tags );

	if ( !$return )
		die('0');

	echo $return;

	exit;
	break;
case 'add-comment' :
	// Fetches one comment row for the list screen (a single row is requested
	// from _wp_get_comment_list).
	check_ajax_referer( $action );
	if ( !current_user_can( 'edit_post', $id ) )
		die('-1');

	// Request fields with their fallbacks. Only 'page' is cast to an integer.
	// NOTE(review): the other values reach _wp_get_comment_list() as received,
	// so any escaping has to happen inside it; also the post checked above ($id)
	// and the post filter ($p) come from different request fields. Verify both.
	$search = false;
	if ( isset($_POST['s']) )
		$search = $_POST['s'];
	$start = 24;
	if ( isset($_POST['page']) )
		$start = intval($_POST['page']) * 25 - 1;
	$status = false;
	if ( isset($_POST['comment_status']) )
		$status = $_POST['comment_status'];
	$mode = 'detail';
	if ( isset($_POST['mode']) )
		$mode = $_POST['mode'];
	$p = 0;
	if ( isset($_POST['p']) )
		$p = $_POST['p'];
	$comment_type = '';
	if ( isset($_POST['comment_type']) )
		$comment_type = $_POST['comment_type'];

	list($comments, $total) = _wp_get_comment_list( $status, $search, $start, 1, $p, $comment_type );

	if ( get_option('show_avatars') )
		add_filter( 'comment_author', 'floated_admin_avatar' );

	if ( !$comments )
		die('1');

	$x = new WP_Ajax_Response();
	foreach ( (array) $comments as $comment ) {
		get_comment( $comment );
		// Render the row into a buffer and ship it as response data.
		ob_start();
		_wp_comment_row( $comment->comment_ID, $mode, $status, true, true );
		$comment_list_item = ob_get_clean();
		$x->add( array(
			'what' => 'comment',
			'id' => $comment->comment_ID,
			'data' => $comment_list_item
		) );
	}
	$x->send();
	break;
case 'get-comments' :
	// Returns the rendered comment rows of one post as a single data blob.
	check_ajax_referer( $action );

	// The post id is cast before it is used for the permission check and the query.
	$post_ID = (int) $_POST['post_ID'];
	if ( !current_user_can( 'edit_post', $post_ID ) )
		die('-1');

	// Paging values are integers; NOTE(review): no upper bound is put on 'num' here.
	$start = 0;
	if ( isset($_POST['start']) )
		$start = intval($_POST['start']);
	$num = 10;
	if ( isset($_POST['num']) )
		$num = intval($_POST['num']);

	list($comments, $total) = _wp_get_comment_list( false, false, $start, $num, $post_ID );

	if ( !$comments )
		die('1');

	$x = new WP_Ajax_Response();
	$comment_list_item = '';
	foreach ( (array) $comments as $comment ) {
		get_comment( $comment );
		ob_start();
		_wp_comment_row( $comment->comment_ID, 'single', false, false );
		$comment_list_item .= ob_get_clean();
	}
	$x->add( array(
		'what' => 'comments',
		'data' => $comment_list_item
	) );
	$x->send();
	break;
case 'replyto-comment' :
	// Posts a reply written in the admin screens and returns the rendered row.
	check_ajax_referer( $action );

	// The target post id is cast, then used for the permission check.
	$comment_post_ID = (int) $_POST['comment_post_ID'];
	if ( !current_user_can( 'edit_post', $comment_post_ID ) )
		die('-1');

	// Parameterised lookup of the post's status.
	$status = $wpdb->get_var( $wpdb->prepare("SELECT post_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) );

	// No status means no such post; replies to drafts and pending posts are refused.
	if ( empty($status) )
		die('1');
	elseif ( in_array($status, array('draft', 'pending') ) )
		die( __('Error: you are replying to a comment on a draft post.') );

	$user = wp_get_current_user();
	if ( $user->ID ) {
		// Author name, e-mail and URL come from the session user, never from the request.
		$comment_author = $wpdb->escape($user->display_name);
		$comment_author_email = $wpdb->escape($user->user_email);
		$comment_author_url = $wpdb->escape($user->user_url);
		$comment_content = trim($_POST['content']);
		if ( current_user_can('unfiltered_html') ) {
			// A user allowed to post raw HTML must also present a nonce bound to this
			// post; when it does not match, the kses filters are reset and set up again.
			// Presumably that re-enables HTML filtering for the content — confirm
			// against kses_init_filters().
			// NOTE(review): the nonce is compared with a loose != and the request
			// field is read without isset().
			if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment'] ) {
				kses_remove_filters(); // start with a clean slate
				kses_init_filters(); // set up the filters
			}
		}
	} else {
		die( __('Sorry, you must be logged in to reply to a comment.') );
	}

	if ( '' == $comment_content )
		die( __('Error: please type a comment.') );

	// The parent id is only forced to a non-negative integer; this block does not
	// check that the parent comment belongs to $comment_post_ID.
	$comment_parent = absint($_POST['comment_ID']);
	// compact() collects variables by name, so the local names above are part of
	// the data contract. 'comment_type' and 'user_ID' are not assigned in this
	// case; presumably they are set elsewhere — TODO confirm.
	$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID');

	$comment_id = wp_new_comment( $commentdata );
	$comment = get_comment($comment_id);
	if ( ! $comment ) die('1');

	// Display mode is restricted to a fixed list; anything else becomes 'detail'.
	$modes = array( 'single', 'detail', 'dashboard' );
	$mode = isset($_POST['mode']) && in_array( $_POST['mode'], $modes ) ? $_POST['mode'] : 'detail';
	$position = ( isset($_POST['position']) && (int) $_POST['position']) ? (int) $_POST['position'] : '-1';
	$checkbox = ( isset($_POST['checkbox']) && true == $_POST['checkbox'] ) ? 1 : 0;

	if ( get_option('show_avatars') && 'single' != $mode )
		add_filter( 'comment_author', 'floated_admin_avatar' );

	$x = new WP_Ajax_Response();

	// Render the new comment's row into a buffer; the renderer depends on the mode.
	ob_start();
		if ( 'dashboard' == $mode ) {
			require_once( ABSPATH . 'wp-admin/includes/dashboard.php' );
			_wp_dashboard_recent_comments_row( $comment, false );
		} else {
			_wp_comment_row( $comment->comment_ID, $mode, false, $checkbox );
		}
		$comment_list_item = ob_get_contents();
	ob_end_clean();

	$x->add( array(
		'what' => 'comment',
		'id' => $comment->comment_ID,
		'data' => $comment_list_item,
		'position' => $position
	));

	$x->send();
	break;
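case 'edit-comment' :
	// Saves an edited comment and returns its re-rendered row.
	// The nonce action is shared with 'replyto-comment'.
	check_ajax_referer( 'replyto-comment' );

	$comment_post_ID = (int) $_POST['comment_post_ID'];
	if ( ! current_user_can( 'edit_post', $comment_post_ID ) )
		die('-1');

	if ( '' == $_POST['content'] )
		die( __('Error: please type a comment.') );

	$comment_id = (int) $_POST['comment_ID'];

	// The post id checked above is supplied by the caller and need not be the post
	// this comment is attached to. Authorise against the stored comment's own
	// post as well, the same way 'delete-comment' does.
	$comment = get_comment( $comment_id );
	if ( !$comment || !current_user_can( 'edit_post', $comment->comment_post_ID ) )
		die('-1');

	// edit_comment() takes its input from $_POST, hence the field copy.
	$_POST['comment_status'] = $_POST['status'];
	edit_comment();

	$mode = ( isset($_POST['mode']) && 'single' == $_POST['mode'] ) ? 'single' : 'detail';
	$position = ( isset($_POST['position']) && (int) $_POST['position']) ? (int) $_POST['position'] : '-1';
	$checkbox = ( isset($_POST['checkbox']) && true == $_POST['checkbox'] ) ? 1 : 0;

	if ( get_option('show_avatars') && 'single' != $mode )
		add_filter( 'comment_author', 'floated_admin_avatar' );

	$x = new WP_Ajax_Response();

	ob_start();
	_wp_comment_row( $comment_id, $mode, true, $checkbox );
	$comment_list_item = ob_get_clean();

	// Report the id that was validated above. The original read $comment here,
	// which nothing in this case assigned; it could only have been set as a
	// side effect of code outside this block.
	$x->add( array(
		'what' => 'edit_comment',
		'id' => $comment_id,
		'data' => $comment_list_item,
		'position' => $position
	));

	$x->send();
	break;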
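case 'add-meta' :
	// Adds a custom field to a post, or updates an existing one, and returns the
	// rendered table row. Which of the two is decided by the fields present.
	check_ajax_referer( 'add-meta' );
	$c = 0;
	$pid = (int) $_POST['post_id'];
	if ( isset($_POST['metakeyselect']) || isset($_POST['metakeyinput']) ) {
		// New field on post $pid.
		if ( !current_user_can( 'edit_post', $pid ) )
			die('-1');
		// Either key field may be the only one present, so test before reading.
		if ( isset($_POST['metakeyselect']) && '#NONE#' == $_POST['metakeyselect'] && empty($_POST['metakeyinput']) )
			die('1');
		if ( $pid < 0 ) {
			// Presumably a placeholder id for a post that has not been saved yet
			// (the autosave case treats negative ids that way): a draft is created
			// to hold the field.
			$now = current_time('timestamp', 1);
			if ( $pid = wp_insert_post( array(
				'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now))
			) ) ) {
				if ( is_wp_error( $pid ) ) {
					$x = new WP_Ajax_Response( array(
						'what' => 'meta',
						'data' => $pid
					) );
					$x->send();
				}
				// Fail the same way as the existing-post path when nothing was added.
				if ( !$mid = add_meta( $pid ) )
					die('0');
			} else {
				die('0');
			}
		} else if ( !$mid = add_meta( $pid ) ) {
			die('0');
		}

		// Re-read the stored row; the post id reported back is the stored one.
		if ( !$meta = get_post_meta_by_id( $mid ) )
			die('0');
		$pid = (int) $meta->post_id;
		$meta = get_object_vars( $meta );
		$x = new WP_Ajax_Response( array(
			'what' => 'meta',
			'id' => $mid,
			'data' => _list_meta_row( $meta, $c ),
			'position' => 1,
			'supplemental' => array('postid' => $pid)
		) );
	} else {
		// Update: the request carries meta[<meta id>][key] and [value].
		if ( !isset( $_POST['meta'] ) || !is_array( $_POST['meta'] ) || !$_POST['meta'] )
			die('0');
		// array_pop() takes its argument by reference, so it needs a real variable.
		$meta_ids = array_keys( $_POST['meta'] );
		$mid = (int) array_pop( $meta_ids );
		$key = $_POST['meta'][$mid]['key'];
		$value = $_POST['meta'][$mid]['value'];
		if ( !$meta = get_post_meta_by_id( $mid ) )
			die('0'); // if meta doesn't exist
		// Permission is taken from the post that owns the stored row.
		if ( !current_user_can( 'edit_post', $meta->post_id ) )
			die('-1');
		if ( !$u = update_meta( $mid, $key, $value ) )
			die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems).
		$key = stripslashes($key);
		$value = stripslashes($value);
		$x = new WP_Ajax_Response( array(
			'what' => 'meta',
			'id' => $mid, 'old_id' => $mid,
			'data' => _list_meta_row( array(
				'meta_key' => $key,
				'meta_value' => $value,
				'meta_id' => $mid
			), $c ),
			'position' => 0,
			'supplemental' => array('postid' => $meta->post_id)
		) );
	}
	$x->send();
	break;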
case 'add-user' :
	// Account creation: nonce, then the dedicated capability, then the insert.
	check_ajax_referer( $action );
	if ( !current_user_can('create_users') )
		die('-1');
	require_once(ABSPATH . WPINC . '/registration.php');

	// add_user() is called without arguments; NOTE(review): it presumably reads
	// the new account's fields from the request itself. Verify.
	$user_id = add_user();
	if ( !$user_id ) {
		die('0');
	}
	if ( is_wp_error( $user_id ) ) {
		$x = new WP_Ajax_Response( array(
			'what' => 'user',
			'id' => $user_id
		) );
		$x->send();
	}

	$user_object = new WP_User( $user_id );
	// Only the first role of the new account is reported back.
	$first_role = $user_object->roles[0];

	$x = new WP_Ajax_Response( array(
		'what' => 'user',
		'id' => $user_id,
		'data' => user_row( $user_object, '', $first_role ),
		'supplemental' => array(
			'show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login),
			'role' => $first_role
		)
	) );
	$x->send();
	break;
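case 'autosave' : // The name of this action is hardcoded in edit_post()
	// Autosave handler. Depending on the posted ID it writes a new draft,
	// overwrites an existing draft, or stores an autosave revision, then
	// replies with a WP_Ajax_Response. Every $_POST field is client-supplied.
	define( 'DOING_AUTOSAVE', true );

	// The result is compared with 2 further down to decide whether the client
	// is handed a fresh set of nonces.
	$nonce_age = check_ajax_referer( 'autosave', 'autosavenonce' );
	global $current_user;

	// Absent fields are read as empty strings instead of as unset indexes.
	$_POST['post_category'] = explode(",", isset($_POST['catslist']) ? $_POST['catslist'] : '');
	$_POST['tags_input'] = explode(",", isset($_POST['tags_input']) ? $_POST['tags_input'] : '');
	$posted_type = isset($_POST['post_type']) ? $_POST['post_type'] : '';
	if($posted_type == 'page' || empty($_POST['post_category']))
		unset($_POST['post_category']);

	$do_autosave = isset($_POST['autosave']) ? (bool) $_POST['autosave'] : false;
	$do_lock = true;

	$data = '';
	$message = sprintf( __('Draft Saved at %s.'), date( __('g:i:s a'), current_time( 'timestamp', true ) ) );

	$supplemental = array();

	$id = $revision_id = 0;
	$posted_id = isset($_POST['post_ID']) ? $_POST['post_ID'] : 0;
	if($posted_id < 0) {
		// A negative ID marks a post that has not been written yet.
		$_POST['post_status'] = 'draft';
		$_POST['temp_ID'] = $posted_id;
		if ( $do_autosave ) {
			$id = wp_write_post();
			$data = $message;
		}
	} else {
		$post_ID = (int) $posted_id;
		$_POST['ID'] = $post_ID;
		$post = get_post($post_ID);

		// Stop when the ID does not resolve to a stored post; the checks below
		// would otherwise run against an empty record.
		if ( ! $post )
			die('-1');

		// Authorise first, using the stored post type rather than the posted
		// one, before the lock holder is looked up.
		if ( 'page' == $post->post_type ) {
			if ( !current_user_can('edit_page', $post_ID) )
				die(__('You are not allowed to edit this page.'));
		} else {
			if ( !current_user_can('edit_post', $post_ID) )
				die(__('You are not allowed to edit this post.'));
		}

		// Another user holds the lock: skip saving and locking, and report who it is.
		if ( $last = wp_check_post_lock( $post->ID ) ) {
			$do_autosave = $do_lock = false;

			$last_user = get_userdata( $last );
			$last_user_name = $last_user ? $last_user->display_name : __( 'Someone' );
			$data = new WP_Error( 'locked', sprintf(
				$posted_type == 'page' ? __( 'Autosave disabled: %s is currently editing this page.' ) : __( 'Autosave disabled: %s is currently editing this post.' ),
				wp_specialchars( $last_user_name )
			) );

			$supplemental['disable_autosave'] = 'disable';
		}

		if ( $do_autosave ) {
			// Drafts are just overwritten by autosave
			if ( 'draft' == $post->post_status ) {
				$id = edit_post();
			} else { // Non drafts are not overwritten. The autosave is stored in a special post revision.
				$revision_id = wp_create_post_autosave( $post->ID );
				if ( is_wp_error($revision_id) )
					$id = $revision_id;
				else
					$id = $post->ID;
			}
			$data = $message;
		} else {
			$id = $post->ID;
		}
	}

	// $id may hold a WP_Error at this point, hence the is_numeric() test.
	if ( $do_lock && $id && is_numeric($id) )
		wp_set_post_lock( $id );

	if ( $nonce_age == 2 ) {
		$supplemental['replace-autosavenonce'] = wp_create_nonce('autosave');
		$supplemental['replace-getpermalinknonce'] = wp_create_nonce('getpermalink');
		$supplemental['replace-samplepermalinknonce'] = wp_create_nonce('samplepermalink');
		$supplemental['replace-closedpostboxesnonce'] = wp_create_nonce('closedpostboxes');
		if ( $id ) {
			if ( $posted_type == 'post' )
				$supplemental['replace-_wpnonce'] = wp_create_nonce('update-post_' . $id);
			elseif ( $posted_type == 'page' )
				$supplemental['replace-_wpnonce'] = wp_create_nonce('update-page_' . $id);
		}
	}

	$x = new WP_Ajax_Response( array(
		'what' => 'autosave',
		'id' => $id,
		'data' => $id ? $data : '',
		'supplemental' => $supplemental
	) );
	$x->send();
	break;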
case 'autosave-generate-nonces' :
	// Prints the update nonce for one post or page when the caller may edit
	// it, and '0' in every other case.
	check_ajax_referer( 'autosave', 'autosavenonce' );
	$ID = (int) $_POST['post_ID'];
	$posted_type = $_POST['post_type'];
	if ( 'post' == $posted_type && current_user_can('edit_post', $ID) )
		die(wp_create_nonce('update-post_' . $ID));
	if ( 'page' == $posted_type && current_user_can('edit_page', $ID) )
		die(wp_create_nonce('update-page_' . $ID));
	die('0');
	break;
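case 'closed-postboxes' :
	// Stores the current user's closed and hidden meta-box lists for one admin page.
	check_ajax_referer( 'closedpostboxes', 'closedpostboxesnonce' );
	// Split the isset()-guarded value; the original computed the guard and
	// then read the raw $_POST index again.
	$closed = explode( ',', isset( $_POST['closed'] )? $_POST['closed'] : '' );
	$hidden = explode( ',', isset( $_POST['hidden'] )? $_POST['hidden'] : '' );
	$page = isset( $_POST['page'] )? $_POST['page'] : '';
	// $page becomes part of the usermeta key, so it is limited to lower-case
	// letters, '-' and '_'. The D modifier stops `$` from also matching
	// before a trailing newline.
	if ( !preg_match( '/^[a-z_-]+$/D', $page ) ) {
		// String, not integer: die(-1) would set the exit status and print nothing.
		die('-1');
	}
	$current_user = wp_get_current_user();
	if ( is_array($closed) )
		update_usermeta($current_user->ID, 'closedpostboxes_'.$page, $closed);
	if ( is_array($hidden) )
		update_usermeta($current_user->ID, 'meta-box-hidden_'.$page, $hidden);
	break;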
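case 'hidden-columns' :
	// Stores the current user's hidden list-table columns for one admin page.
	check_ajax_referer( 'hiddencolumns', 'hiddencolumnsnonce' );
	// Split the isset()-guarded value; the original computed the guard and
	// then read the raw $_POST index again.
	$hidden = explode( ',', isset( $_POST['hidden'] )? $_POST['hidden'] : '' );
	$page = isset( $_POST['page'] )? $_POST['page'] : '';
	// $page becomes part of the usermeta key, so it is limited to lower-case
	// letters, '-' and '_'. The D modifier stops `$` from also matching
	// before a trailing newline.
	if ( !preg_match( '/^[a-z_-]+$/D', $page ) ) {
		// String, not integer: die(-1) would set the exit status and print nothing.
		die('-1');
	}
	$current_user = wp_get_current_user();
	if ( is_array($hidden) )
		update_usermeta($current_user->ID, "manage-$page-columns-hidden", $hidden);
	break;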
case 'get-permalink':
	// Replies with the permalink of the posted post ID with preview=true appended.
	check_ajax_referer( 'getpermalink', 'getpermalinknonce' );
	$post_id = 0;
	if ( isset($_POST['post_id']) )
		$post_id = intval($_POST['post_id']);
	$preview_args = array('preview' => 'true');
	die(add_query_arg($preview_args, get_permalink($post_id)));
	break;
case 'sample-permalink':
	// Replies with the sample-permalink HTML for the posted ID, title and slug.
	// Title and slug are passed on exactly as received.
	check_ajax_referer( 'samplepermalink', 'samplepermalinknonce' );
	$post_id = 0;
	if ( isset($_POST['post_id']) )
		$post_id = intval($_POST['post_id']);
	$title = '';
	if ( isset($_POST['new_title']) )
		$title = $_POST['new_title'];
	$slug = '';
	if ( isset($_POST['new_slug']) )
		$slug = $_POST['new_slug'];
	die(get_sample_permalink_html($post_id, $title, $slug));
	break;
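case 'inline-save':
	// Quick-edit save for one post or page. Merges the posted fields with the
	// stored content and excerpt, hands the result to edit_post() through
	// $_POST, and prints the refreshed list row.
	check_ajax_referer( 'inlineeditnonce', '_inline_edit' );

	if ( ! isset($_POST['post_ID']) || ! ( $post_ID = (int) $_POST['post_ID'] ) )
		exit;

	// Load the stored record before anything else and stop if the ID does not
	// resolve to one; the original copied content and excerpt from it unchecked.
	$post = get_post( $post_ID, ARRAY_A );
	if ( empty($post) )
		exit;

	$posted_type = isset($_POST['post_type']) ? $_POST['post_type'] : '';

	// The capability is chosen from the stored post type, not from the
	// client-supplied post_type field.
	// NOTE(review): edit_post() below still reads post_type from $_POST;
	// confirm a mismatching value cannot change the type of the stored record.
	if ( 'page' == $post['post_type'] ) {
		if ( ! current_user_can( 'edit_page', $post_ID ) )
			die( __('You are not allowed to edit this page.') );
	} else {
		if ( ! current_user_can( 'edit_post', $post_ID ) )
			die( __('You are not allowed to edit this post.') );
	}

	if ( $last = wp_check_post_lock( $post_ID ) ) {
		$last_user = get_userdata( $last );
		$last_user_name = $last_user ? $last_user->display_name : __( 'Someone' );
		printf( $posted_type == 'page' ? __( 'Saving is disabled: %s is currently editing this page.' ) : __( 'Saving is disabled: %s is currently editing this post.' ), wp_specialchars( $last_user_name ) );
		exit;
	}

	$data = $_POST;
	// Quick edit does not carry these two fields, so the stored values are kept.
	$data['content'] = $post['post_content'];
	$data['excerpt'] = $post['post_excerpt'];

	// rename
	$data['user_ID'] = $GLOBALS['user_ID'];

	if ( isset($data['post_parent']) )
		$data['parent_id'] = $data['post_parent'];

	// status: fall back to the stored status when the form sent none
	if ( isset($data['keep_private']) && 'private' == $data['keep_private'] )
		$data['post_status'] = 'private';
	elseif ( isset($data['_status']) )
		$data['post_status'] = $data['_status'];
	else
		$data['post_status'] = $post['post_status'];

	if ( empty($data['comment_status']) )
		$data['comment_status'] = 'closed';
	if ( empty($data['ping_status']) )
		$data['ping_status'] = 'closed';

	// update the post
	$_POST = $data;
	edit_post();

	$post = array();
	if ( 'page' == $posted_type ) {
		$post[] = get_post($_POST['post_ID']);
		page_rows($post);
	} elseif ( 'post' == $posted_type ) {
		$mode = $_POST['post_view'];
		$post[] = get_post($_POST['post_ID']);
		post_rows($post);
	}

	exit;
	break;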
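case 'inline-save-tax':
	// Quick-edit save for a category, link category or tag; prints the
	// refreshed table row, or an error message when the update fails.
	check_ajax_referer( 'taxinlineeditnonce', '_inline_edit' );

	if ( ! current_user_can('manage_categories') )
		die( __('Cheatin&#8217; uh?') );

	// String, not integer: die(-1) would set the exit status and print nothing.
	if ( ! isset($_POST['tax_ID']) || ! ( $id = (int) $_POST['tax_ID'] ) )
		die('-1');

	// An absent or unknown tax_type matches no case and falls through to exit.
	$tax_type = isset($_POST['tax_type']) ? $_POST['tax_type'] : '';

	switch ($tax_type) {
		case 'cat' :
			$data = array();
			$data['cat_ID'] = $id;
			$data['cat_name'] = isset($_POST['name']) ? $_POST['name'] : '';
			$data['category_nicename'] = isset($_POST['slug']) ? $_POST['slug'] : '';
			if ( isset($_POST['parent']) && (int) $_POST['parent'] > 0 )
				$data['category_parent'] = $_POST['parent'];

			// The description is not part of quick edit, so the stored one is
			// carried over; stop if the category cannot be loaded.
			$cat = get_category($id, ARRAY_A);
			if ( !$cat || is_wp_error($cat) )
				die( __('Category not updated.') );
			$data['category_description'] = $cat['category_description'];

			$updated = wp_update_category($data);

			if ( $updated && !is_wp_error($updated) )
				echo _cat_row( $updated, 0 );
			else
				die( __('Category not updated.') );

			break;
		case 'link-cat' :
			// NOTE(review): the whole of $_POST is forwarded as the term
			// arguments; passing only the fields the form edits would keep
			// stray request parameters out of the update.
			$updated = wp_update_term($id, 'link_category', $_POST);

			if ( $updated && !is_wp_error($updated) )
				echo link_cat_row($updated['term_id']);
			else
				die( __('Category not updated.') );

			break;
		case 'tag' :
			// NOTE(review): same pass-through of $_POST as in 'link-cat'.
			$updated = wp_update_term($id, 'post_tag', $_POST);
			if ( $updated && !is_wp_error($updated) ) {
				$tag = get_term( $updated['term_id'], 'post_tag' );
				if ( !$tag || is_wp_error( $tag ) )
					die( __('Tag not updated.') );

				echo _tag_row($tag);
			} else {
				die( __('Tag not updated.') );
			}

			break;
	}

	exit;
	break;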
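case 'meta-box-order':
	// Stores the current user's meta-box ordering for one admin page.
	check_ajax_referer( 'meta-box-order' );
	// $page becomes part of the option name, so it gets the same check as the
	// 'closed-postboxes' and 'hidden-columns' handlers; the original
	// interpolated $_POST['page'] unchecked.
	$page = isset( $_POST['page'] )? $_POST['page'] : '';
	if ( !preg_match( '/^[a-z_-]+$/D', $page ) )
		die('-1');
	// The order value itself is stored as received.
	update_user_option( $GLOBALS['current_user']->ID, "meta-box-order_$page", $_POST['order'] );
	die('1');
	break;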
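case 'find_posts':
	// Searches post or page titles and content for the posted terms and
	// replies with an HTML table of at most 50 matches.
	// NOTE(review): only the nonce gates this lookup; no current_user_can()
	// call is visible here, and the query returns titles for every post
	// status. Confirm which screens hand out the 'find-posts' nonce.
	check_ajax_referer( 'find-posts' );

	if ( empty($_POST['ps']) )
		exit;

	$what = isset($_POST['pages']) ? 'page' : 'post';
	$s = stripslashes($_POST['ps']);
	preg_match_all('/".*?("|$)|((?<=[\\s",+])|^)[^\\s",+]+/', $s, $matches);

	// A plain loop replaces create_function(), which compiles its body from a
	// string at run time.
	$search_terms = array();
	foreach ( (array) $matches[0] as $match )
		$search_terms[] = trim($match, "\"'\n\r ");

	// Input made only of separators yields no terms; the original then ran a
	// query with an empty condition.
	if ( ! $search_terms )
		exit( __('No posts found.') );

	// Each term is escaped before it is placed inside the quoted LIKE pattern.
	// '%' and '_' inside a term presumably still act as wildcards - verify
	// against the escaping helpers.
	$clauses = array();
	foreach ( $search_terms as $term ) {
		$term = addslashes_gpc($term);
		$clauses[] = "(($wpdb->posts.post_title LIKE '%{$term}%') OR ($wpdb->posts.post_content LIKE '%{$term}%'))";
	}
	$search = implode( ' AND ', $clauses );

	$term = $wpdb->escape($s);
	if ( count($search_terms) > 1 && $search_terms[0] != $s )
		$search .= " OR ($wpdb->posts.post_title LIKE '%{$term}%') OR ($wpdb->posts.post_content LIKE '%{$term}%')";

	// The search condition is parenthesised as a whole: AND binds tighter than
	// OR, so without the parentheses the whole-phrase OR clauses matched rows
	// of any post_type.
	$posts = $wpdb->get_results( "SELECT ID, post_title, post_status, post_date FROM $wpdb->posts WHERE post_type = '$what' AND ($search) ORDER BY post_date_gmt DESC LIMIT 50" );

	if ( ! $posts )
		exit( __('No posts found.') );

	$html = '<table class="widefat"><thead><tr><th class="found-radio"><br /></th><th>'.__('Title').'</th><th>'.__('Time').'</th><th>'.__('Status').'</th></tr></thead><tbody>';
	foreach ( $posts as $post ) {

		// Reset per row so an unlisted status does not reuse the previous row's label.
		$stat = '';
		switch ( $post->post_status ) {
			case 'publish' :
			case 'private' :
				$stat = __('Published');
				break;
			case 'future' :
				$stat = __('Scheduled');
				break;
			case 'pending' :
				$stat = __('Pending Review');
				break;
			case 'draft' :
				$stat = __('Unpublished');
				break;
		}

		if ( '0000-00-00 00:00:00' == $post->post_date ) {
			$time = '';
		} else {
			$time = mysql2date(__('Y/m/d'), $post->post_date);
		}

		$html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-'.$post->ID.'" name="found_post_id" value="'.$post->ID.'"></td>';
		$html .= '<td><label for="found-'.$post->ID.'">'.wp_specialchars($post->post_title, true).'</label></td><td>'.wp_specialchars($time, true).'</td><td>'.wp_specialchars($stat, true).'</td></tr>'."\n\n";
	}
	$html .= '</tbody></table>';

	$x = new WP_Ajax_Response();
	$x->add( array(
		'what' => $what,
		'data' => $html
	));
	$x->send();

	break;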
default :
	// Any other action: fire the wp_ajax_* hook named after the posted
	// action, then answer '0' if control returns here.
	$hook_name = 'wp_ajax_' . $_POST['action'];
	do_action( $hook_name );
	die('0');
	break;
mp-wp_genesis 1043 endswitch;
mp-wp_genesis 1044 ?>