Projects : mp-wp : mp-wp_genesis
| 1 | <?php |
| 2 | /** |
| 3 | * WordPress AJAX Process Execution. |
| 4 | * |
| 5 | * @package WordPress |
| 6 | * @subpackage Administration |
| 7 | */ |
| 8 | |
| 9 | /** |
| 10 | * Executing AJAX process. |
| 11 | * |
| 12 | * @since unknown |
| 13 | */ |
| 14 | define('DOING_AJAX', true); |
| 15 | define('WP_ADMIN', true); |
| 16 | |
| 17 | require_once('../wp-load.php'); |
| 18 | require_once('includes/admin.php'); |
| 19 | |
| 20 | if ( ! is_user_logged_in() ) { |
| 21 | |
| 22 | if ( $_POST['action'] == 'autosave' ) { |
| 23 | $id = isset($_POST['post_ID'])? (int) $_POST['post_ID'] : 0; |
| 24 | |
| 25 | if ( ! $id ) |
| 26 | die('-1'); |
| 27 | |
| 28 | $message = sprintf( __('<strong>ALERT: You are logged out!</strong> Could not save draft. <a href="%s" target="blank">Please log in again.</a>'), wp_login_url() ); |
| 29 | $x = new WP_Ajax_Response( array( |
| 30 | 'what' => 'autosave', |
| 31 | 'id' => $id, |
| 32 | 'data' => $message |
| 33 | ) ); |
| 34 | $x->send(); |
| 35 | } |
| 36 | |
| 37 | die('-1'); |
| 38 | } |
| 39 | |
| 40 | if ( isset( $_GET['action'] ) ) : |
| 41 | switch ( $action = $_GET['action'] ) : |
| 42 | case 'ajax-tag-search' : |
| 43 | if ( !current_user_can( 'manage_categories' ) ) |
| 44 | die('-1'); |
| 45 | |
| 46 | $s = $_GET['q']; // is this slashed already? |
| 47 | |
| 48 | if ( false !== strpos( $s, ',' ) ) { |
| 49 | $s = explode( ',', $s ); |
| 50 | $s = $s[count( $s ) - 1]; |
| 51 | } |
| 52 | $s = trim( $s ); |
| 53 | if ( strlen( $s ) < 2 ) |
| 54 | die; // require 2 chars for matching |
| 55 | $results = $wpdb->get_col( "SELECT t.name FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = 'post_tag' AND t.name LIKE ('%". $s . "%')" ); |
| 56 | echo join( $results, "\n" ); |
| 57 | die; |
| 58 | break; |
| 59 | default : |
| 60 | do_action( 'wp_ajax_' . $_GET['action'] ); |
| 61 | die('0'); |
| 62 | break; |
| 63 | endswitch; |
| 64 | endif; |
| 65 | |
| 66 | $id = isset($_POST['id'])? (int) $_POST['id'] : 0; |
| 67 | switch ( $action = $_POST['action'] ) : |
| 68 | case 'delete-comment' : |
| 69 | check_ajax_referer( "delete-comment_$id" ); |
| 70 | if ( !$comment = get_comment( $id ) ) |
| 71 | die('1'); |
| 72 | if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) ) |
| 73 | die('-1'); |
| 74 | |
| 75 | if ( isset($_POST['spam']) && 1 == $_POST['spam'] ) { |
| 76 | if ( 'spam' == wp_get_comment_status( $comment->comment_ID ) ) |
| 77 | die('1'); |
| 78 | $r = wp_set_comment_status( $comment->comment_ID, 'spam' ); |
| 79 | } else { |
| 80 | $r = wp_delete_comment( $comment->comment_ID ); |
| 81 | } |
| 82 | |
| 83 | die( $r ? '1' : '0' ); |
| 84 | break; |
| 85 | case 'delete-cat' : |
| 86 | check_ajax_referer( "delete-category_$id" ); |
| 87 | if ( !current_user_can( 'manage_categories' ) ) |
| 88 | die('-1'); |
| 89 | |
| 90 | $cat = get_category( $id ); |
| 91 | if ( !$cat || is_wp_error( $cat ) ) |
| 92 | die('1'); |
| 93 | |
| 94 | if ( wp_delete_category( $id ) ) |
| 95 | die('1'); |
| 96 | else |
| 97 | die('0'); |
| 98 | break; |
| 99 | case 'delete-tag' : |
| 100 | check_ajax_referer( "delete-tag_$id" ); |
| 101 | if ( !current_user_can( 'manage_categories' ) ) |
| 102 | die('-1'); |
| 103 | |
| 104 | $tag = get_term( $id, 'post_tag' ); |
| 105 | if ( !$tag || is_wp_error( $tag ) ) |
| 106 | die('1'); |
| 107 | |
| 108 | if ( wp_delete_term($id, 'post_tag')) |
| 109 | die('1'); |
| 110 | else |
| 111 | die('0'); |
| 112 | break; |
| 113 | case 'delete-link-cat' : |
| 114 | check_ajax_referer( "delete-link-category_$id" ); |
| 115 | if ( !current_user_can( 'manage_categories' ) ) |
| 116 | die('-1'); |
| 117 | |
| 118 | $cat = get_term( $id, 'link_category' ); |
| 119 | if ( !$cat || is_wp_error( $cat ) ) |
| 120 | die('1'); |
| 121 | |
| 122 | $cat_name = get_term_field('name', $id, 'link_category'); |
| 123 | |
| 124 | // Don't delete the default cats. |
| 125 | if ( $id == get_option('default_link_category') ) { |
| 126 | $x = new WP_AJAX_Response( array( |
| 127 | 'what' => 'link-cat', |
| 128 | 'id' => $id, |
| 129 | 'data' => new WP_Error( 'default-link-cat', sprintf(__("Can’t delete the <strong>%s</strong> category: this is the default one"), $cat_name) ) |
| 130 | ) ); |
| 131 | $x->send(); |
| 132 | } |
| 133 | |
| 134 | $r = wp_delete_term($id, 'link_category'); |
| 135 | if ( !$r ) |
| 136 | die('0'); |
| 137 | if ( is_wp_error($r) ) { |
| 138 | $x = new WP_AJAX_Response( array( |
| 139 | 'what' => 'link-cat', |
| 140 | 'id' => $id, |
| 141 | 'data' => $r |
| 142 | ) ); |
| 143 | $x->send(); |
| 144 | } |
| 145 | die('1'); |
| 146 | break; |
| 147 | case 'delete-link' : |
| 148 | check_ajax_referer( "delete-bookmark_$id" ); |
| 149 | if ( !current_user_can( 'manage_links' ) ) |
| 150 | die('-1'); |
| 151 | |
| 152 | $link = get_bookmark( $id ); |
| 153 | if ( !$link || is_wp_error( $link ) ) |
| 154 | die('1'); |
| 155 | |
| 156 | if ( wp_delete_link( $id ) ) |
| 157 | die('1'); |
| 158 | else |
| 159 | die('0'); |
| 160 | break; |
| 161 | case 'delete-meta' : |
| 162 | check_ajax_referer( "delete-meta_$id" ); |
| 163 | if ( !$meta = get_post_meta_by_id( $id ) ) |
| 164 | die('1'); |
| 165 | |
| 166 | if ( !current_user_can( 'edit_post', $meta->post_id ) ) |
| 167 | die('-1'); |
| 168 | if ( delete_meta( $meta->meta_id ) ) |
| 169 | die('1'); |
| 170 | die('0'); |
| 171 | break; |
| 172 | case 'delete-post' : |
| 173 | check_ajax_referer( "{$action}_$id" ); |
| 174 | if ( !current_user_can( 'delete_post', $id ) ) |
| 175 | die('-1'); |
| 176 | |
| 177 | if ( !get_post( $id ) ) |
| 178 | die('1'); |
| 179 | |
| 180 | if ( wp_delete_post( $id ) ) |
| 181 | die('1'); |
| 182 | else |
| 183 | die('0'); |
| 184 | break; |
| 185 | case 'delete-page' : |
| 186 | check_ajax_referer( "{$action}_$id" ); |
| 187 | if ( !current_user_can( 'delete_page', $id ) ) |
| 188 | die('-1'); |
| 189 | |
| 190 | if ( !get_page( $id ) ) |
| 191 | die('1'); |
| 192 | |
| 193 | if ( wp_delete_post( $id ) ) |
| 194 | die('1'); |
| 195 | else |
| 196 | die('0'); |
| 197 | break; |
| 198 | case 'dim-comment' : |
| 199 | if ( !$comment = get_comment( $id ) ) |
| 200 | die('0'); |
| 201 | |
| 202 | if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) ) |
| 203 | die('-1'); |
| 204 | if ( !current_user_can( 'moderate_comments' ) ) |
| 205 | die('-1'); |
| 206 | |
| 207 | $current = wp_get_comment_status( $comment->comment_ID ); |
| 208 | if ( $_POST['new'] == $current ) |
| 209 | die('1'); |
| 210 | |
| 211 | if ( in_array( $current, array( 'unapproved', 'spam' ) ) ) { |
| 212 | check_ajax_referer( "approve-comment_$id" ); |
| 213 | if ( wp_set_comment_status( $comment->comment_ID, 'approve' ) ) |
| 214 | die('1'); |
| 215 | } else { |
| 216 | check_ajax_referer( "unapprove-comment_$id" ); |
| 217 | if ( wp_set_comment_status( $comment->comment_ID, 'hold' ) ) |
| 218 | die('1'); |
| 219 | } |
| 220 | die('0'); |
| 221 | break; |
| 222 | case 'add-category' : // On the Fly |
| 223 | check_ajax_referer( $action ); |
| 224 | if ( !current_user_can( 'manage_categories' ) ) |
| 225 | die('-1'); |
| 226 | $names = explode(',', $_POST['newcat']); |
| 227 | if ( 0 > $parent = (int) $_POST['newcat_parent'] ) |
| 228 | $parent = 0; |
| 229 | $post_category = isset($_POST['post_category'])? (array) $_POST['post_category'] : array(); |
| 230 | $checked_categories = array_map( 'absint', (array) $post_category ); |
| 231 | $popular_ids = isset( $_POST['popular_ids'] ) ? |
| 232 | array_map( 'absint', explode( ',', $_POST['popular_ids'] ) ) : |
| 233 | false; |
| 234 | |
| 235 | $x = new WP_Ajax_Response(); |
| 236 | foreach ( $names as $cat_name ) { |
| 237 | $cat_name = trim($cat_name); |
| 238 | $category_nicename = sanitize_title($cat_name); |
| 239 | if ( '' === $category_nicename ) |
| 240 | continue; |
| 241 | $cat_id = wp_create_category( $cat_name, $parent ); |
| 242 | $checked_categories[] = $cat_id; |
| 243 | if ( $parent ) // Do these all at once in a second |
| 244 | continue; |
| 245 | $category = get_category( $cat_id ); |
| 246 | ob_start(); |
| 247 | wp_category_checklist( 0, $cat_id, $checked_categories, $popular_ids ); |
| 248 | $data = ob_get_contents(); |
| 249 | ob_end_clean(); |
| 250 | $x->add( array( |
| 251 | 'what' => 'category', |
| 252 | 'id' => $cat_id, |
| 253 | 'data' => $data, |
| 254 | 'position' => -1 |
| 255 | ) ); |
| 256 | } |
| 257 | if ( $parent ) { // Foncy - replace the parent and all its children |
| 258 | $parent = get_category( $parent ); |
| 259 | ob_start(); |
| 260 | dropdown_categories( 0, $parent ); |
| 261 | $data = ob_get_contents(); |
| 262 | ob_end_clean(); |
| 263 | $x->add( array( |
| 264 | 'what' => 'category', |
| 265 | 'id' => $parent->term_id, |
| 266 | 'old_id' => $parent->term_id, |
| 267 | 'data' => $data, |
| 268 | 'position' => -1 |
| 269 | ) ); |
| 270 | |
| 271 | } |
| 272 | $x->send(); |
| 273 | break; |
| 274 | case 'add-link-category' : // On the Fly |
| 275 | check_ajax_referer( $action ); |
| 276 | if ( !current_user_can( 'manage_categories' ) ) |
| 277 | die('-1'); |
| 278 | $names = explode(',', $_POST['newcat']); |
| 279 | $x = new WP_Ajax_Response(); |
| 280 | foreach ( $names as $cat_name ) { |
| 281 | $cat_name = trim($cat_name); |
| 282 | $slug = sanitize_title($cat_name); |
| 283 | if ( '' === $slug ) |
| 284 | continue; |
| 285 | if ( !$cat_id = is_term( $cat_name, 'link_category' ) ) { |
| 286 | $cat_id = wp_insert_term( $cat_name, 'link_category' ); |
| 287 | } |
| 288 | $cat_id = $cat_id['term_id']; |
| 289 | $cat_name = wp_specialchars(stripslashes($cat_name)); |
| 290 | $x->add( array( |
| 291 | 'what' => 'link-category', |
| 292 | 'id' => $cat_id, |
| 293 | 'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>", |
| 294 | 'position' => -1 |
| 295 | ) ); |
| 296 | } |
| 297 | $x->send(); |
| 298 | break; |
| 299 | case 'add-cat' : // From Manage->Categories |
| 300 | check_ajax_referer( 'add-category' ); |
| 301 | if ( !current_user_can( 'manage_categories' ) ) |
| 302 | die('-1'); |
| 303 | |
| 304 | if ( '' === trim($_POST['cat_name']) ) { |
| 305 | $x = new WP_Ajax_Response( array( |
| 306 | 'what' => 'cat', |
| 307 | 'id' => new WP_Error( 'cat_name', __('You did not enter a category name.') ) |
| 308 | ) ); |
| 309 | $x->send(); |
| 310 | } |
| 311 | |
| 312 | if ( category_exists( trim( $_POST['cat_name'] ) ) ) { |
| 313 | $x = new WP_Ajax_Response( array( |
| 314 | 'what' => 'cat', |
| 315 | 'id' => new WP_Error( 'cat_exists', __('The category you are trying to create already exists.'), array( 'form-field' => 'cat_name' ) ), |
| 316 | ) ); |
| 317 | $x->send(); |
| 318 | } |
| 319 | |
| 320 | $cat = wp_insert_category( $_POST, true ); |
| 321 | |
| 322 | if ( is_wp_error($cat) ) { |
| 323 | $x = new WP_Ajax_Response( array( |
| 324 | 'what' => 'cat', |
| 325 | 'id' => $cat |
| 326 | ) ); |
| 327 | $x->send(); |
| 328 | } |
| 329 | |
| 330 | if ( !$cat || (!$cat = get_category( $cat )) ) |
| 331 | die('0'); |
| 332 | |
| 333 | $level = 0; |
| 334 | $cat_full_name = $cat->name; |
| 335 | $_cat = $cat; |
| 336 | while ( $_cat->parent ) { |
| 337 | $_cat = get_category( $_cat->parent ); |
| 338 | $cat_full_name = $_cat->name . ' — ' . $cat_full_name; |
| 339 | $level++; |
| 340 | } |
| 341 | $cat_full_name = attribute_escape($cat_full_name); |
| 342 | |
| 343 | $x = new WP_Ajax_Response( array( |
| 344 | 'what' => 'cat', |
| 345 | 'id' => $cat->term_id, |
| 346 | 'position' => -1, |
| 347 | 'data' => _cat_row( $cat, $level, $cat_full_name ), |
| 348 | 'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category <a href="#%s">%s</a> added' ), "cat-$cat->term_id", $cat_full_name)) |
| 349 | ) ); |
| 350 | $x->send(); |
| 351 | break; |
| 352 | case 'add-link-cat' : // From Blogroll -> Categories |
| 353 | check_ajax_referer( 'add-link-category' ); |
| 354 | if ( !current_user_can( 'manage_categories' ) ) |
| 355 | die('-1'); |
| 356 | |
| 357 | if ( '' === trim($_POST['name']) ) { |
| 358 | $x = new WP_Ajax_Response( array( |
| 359 | 'what' => 'link-cat', |
| 360 | 'id' => new WP_Error( 'name', __('You did not enter a category name.') ) |
| 361 | ) ); |
| 362 | $x->send(); |
| 363 | } |
| 364 | |
| 365 | $r = wp_insert_term($_POST['name'], 'link_category', $_POST ); |
| 366 | if ( is_wp_error( $r ) ) { |
| 367 | $x = new WP_AJAX_Response( array( |
| 368 | 'what' => 'link-cat', |
| 369 | 'id' => $r |
| 370 | ) ); |
| 371 | $x->send(); |
| 372 | } |
| 373 | |
| 374 | extract($r, EXTR_SKIP); |
| 375 | |
| 376 | if ( !$link_cat = link_cat_row( $term_id ) ) |
| 377 | die('0'); |
| 378 | |
| 379 | $x = new WP_Ajax_Response( array( |
| 380 | 'what' => 'link-cat', |
| 381 | 'id' => $term_id, |
| 382 | 'position' => -1, |
| 383 | 'data' => $link_cat |
| 384 | ) ); |
| 385 | $x->send(); |
| 386 | break; |
| 387 | case 'add-tag' : // From Manage->Tags |
| 388 | check_ajax_referer( 'add-tag' ); |
| 389 | if ( !current_user_can( 'manage_categories' ) ) |
| 390 | die('-1'); |
| 391 | |
| 392 | if ( '' === trim($_POST['name']) ) { |
| 393 | $x = new WP_Ajax_Response( array( |
| 394 | 'what' => 'tag', |
| 395 | 'id' => new WP_Error( 'name', __('You did not enter a tag name.') ) |
| 396 | ) ); |
| 397 | $x->send(); |
| 398 | } |
| 399 | |
| 400 | $tag = wp_insert_term($_POST['name'], 'post_tag', $_POST ); |
| 401 | |
| 402 | if ( is_wp_error($tag) ) { |
| 403 | $x = new WP_Ajax_Response( array( |
| 404 | 'what' => 'tag', |
| 405 | 'id' => $tag |
| 406 | ) ); |
| 407 | $x->send(); |
| 408 | } |
| 409 | |
| 410 | if ( !$tag || (!$tag = get_term( $tag['term_id'], 'post_tag' )) ) |
| 411 | die('0'); |
| 412 | |
| 413 | $tag_full_name = $tag->name; |
| 414 | $tag_full_name = attribute_escape($tag_full_name); |
| 415 | |
| 416 | $x = new WP_Ajax_Response( array( |
| 417 | 'what' => 'tag', |
| 418 | 'id' => $tag->term_id, |
| 419 | 'position' => '-1', |
| 420 | 'data' => _tag_row( $tag ), |
| 421 | 'supplemental' => array('name' => $tag_full_name, 'show-link' => sprintf(__( 'Tag <a href="#%s">%s</a> added' ), "tag-$tag->term_id", $tag_full_name)) |
| 422 | ) ); |
| 423 | $x->send(); |
| 424 | break; |
| 425 | case 'get-tagcloud' : |
| 426 | if ( !current_user_can( 'manage_categories' ) ) |
| 427 | die('-1'); |
| 428 | |
| 429 | $tags = get_tags( array( 'number' => 45, 'orderby' => 'count', 'order' => 'DESC' ) ); |
| 430 | |
| 431 | if ( empty( $tags ) ) |
| 432 | die( __('No tags found!') ); |
| 433 | |
| 434 | foreach ( $tags as $key => $tag ) { |
| 435 | $tags[ $key ]->link = '#'; |
| 436 | $tags[ $key ]->id = $tag->term_id; |
| 437 | } |
| 438 | |
| 439 | $return = wp_generate_tag_cloud( $tags ); |
| 440 | |
| 441 | if ( empty($return) ) |
| 442 | die('0'); |
| 443 | |
| 444 | echo $return; |
| 445 | |
| 446 | exit; |
| 447 | break; |
| 448 | case 'add-comment' : |
| 449 | check_ajax_referer( $action ); |
| 450 | if ( !current_user_can( 'edit_post', $id ) ) |
| 451 | die('-1'); |
| 452 | $search = isset($_POST['s']) ? $_POST['s'] : false; |
| 453 | $start = isset($_POST['page']) ? intval($_POST['page']) * 25 - 1: 24; |
| 454 | $status = isset($_POST['comment_status']) ? $_POST['comment_status'] : false; |
| 455 | $mode = isset($_POST['mode']) ? $_POST['mode'] : 'detail'; |
| 456 | $p = isset($_POST['p']) ? $_POST['p'] : 0; |
| 457 | $comment_type = isset($_POST['comment_type']) ? $_POST['comment_type'] : ''; |
| 458 | list($comments, $total) = _wp_get_comment_list( $status, $search, $start, 1, $p, $comment_type ); |
| 459 | |
| 460 | if ( get_option('show_avatars') ) |
| 461 | add_filter( 'comment_author', 'floated_admin_avatar' ); |
| 462 | |
| 463 | if ( !$comments ) |
| 464 | die('1'); |
| 465 | $x = new WP_Ajax_Response(); |
| 466 | foreach ( (array) $comments as $comment ) { |
| 467 | get_comment( $comment ); |
| 468 | ob_start(); |
| 469 | _wp_comment_row( $comment->comment_ID, $mode, $status, true, true ); |
| 470 | $comment_list_item = ob_get_contents(); |
| 471 | ob_end_clean(); |
| 472 | $x->add( array( |
| 473 | 'what' => 'comment', |
| 474 | 'id' => $comment->comment_ID, |
| 475 | 'data' => $comment_list_item |
| 476 | ) ); |
| 477 | } |
| 478 | $x->send(); |
| 479 | break; |
| 480 | case 'get-comments' : |
| 481 | check_ajax_referer( $action ); |
| 482 | |
| 483 | $post_ID = (int) $_POST['post_ID']; |
| 484 | if ( !current_user_can( 'edit_post', $post_ID ) ) |
| 485 | die('-1'); |
| 486 | |
| 487 | $start = isset($_POST['start']) ? intval($_POST['start']) : 0; |
| 488 | $num = isset($_POST['num']) ? intval($_POST['num']) : 10; |
| 489 | |
| 490 | list($comments, $total) = _wp_get_comment_list( false, false, $start, $num, $post_ID ); |
| 491 | |
| 492 | if ( !$comments ) |
| 493 | die('1'); |
| 494 | |
| 495 | $comment_list_item = ''; |
| 496 | $x = new WP_Ajax_Response(); |
| 497 | foreach ( (array) $comments as $comment ) { |
| 498 | get_comment( $comment ); |
| 499 | ob_start(); |
| 500 | _wp_comment_row( $comment->comment_ID, 'single', false, false ); |
| 501 | $comment_list_item .= ob_get_contents(); |
| 502 | ob_end_clean(); |
| 503 | } |
| 504 | $x->add( array( |
| 505 | 'what' => 'comments', |
| 506 | 'data' => $comment_list_item |
| 507 | ) ); |
| 508 | $x->send(); |
| 509 | break; |
| 510 | case 'replyto-comment' : |
| 511 | check_ajax_referer( $action ); |
| 512 | |
| 513 | $comment_post_ID = (int) $_POST['comment_post_ID']; |
| 514 | if ( !current_user_can( 'edit_post', $comment_post_ID ) ) |
| 515 | die('-1'); |
| 516 | |
| 517 | $status = $wpdb->get_var( $wpdb->prepare("SELECT post_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) ); |
| 518 | |
| 519 | if ( empty($status) ) |
| 520 | die('1'); |
| 521 | elseif ( in_array($status, array('draft', 'pending') ) ) |
| 522 | die( __('Error: you are replying to a comment on a draft post.') ); |
| 523 | |
| 524 | $user = wp_get_current_user(); |
| 525 | if ( $user->ID ) { |
| 526 | $comment_author = $wpdb->escape($user->display_name); |
| 527 | $comment_author_email = $wpdb->escape($user->user_email); |
| 528 | $comment_author_url = $wpdb->escape($user->user_url); |
| 529 | $comment_content = trim($_POST['content']); |
| 530 | if ( current_user_can('unfiltered_html') ) { |
| 531 | if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment'] ) { |
| 532 | kses_remove_filters(); // start with a clean slate |
| 533 | kses_init_filters(); // set up the filters |
| 534 | } |
| 535 | } |
| 536 | } else { |
| 537 | die( __('Sorry, you must be logged in to reply to a comment.') ); |
| 538 | } |
| 539 | |
| 540 | if ( '' == $comment_content ) |
| 541 | die( __('Error: please type a comment.') ); |
| 542 | |
| 543 | $comment_parent = absint($_POST['comment_ID']); |
| 544 | $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); |
| 545 | |
| 546 | $comment_id = wp_new_comment( $commentdata ); |
| 547 | $comment = get_comment($comment_id); |
| 548 | if ( ! $comment ) die('1'); |
| 549 | |
| 550 | $modes = array( 'single', 'detail', 'dashboard' ); |
| 551 | $mode = isset($_POST['mode']) && in_array( $_POST['mode'], $modes ) ? $_POST['mode'] : 'detail'; |
| 552 | $position = ( isset($_POST['position']) && (int) $_POST['position']) ? (int) $_POST['position'] : '-1'; |
| 553 | $checkbox = ( isset($_POST['checkbox']) && true == $_POST['checkbox'] ) ? 1 : 0; |
| 554 | |
| 555 | if ( get_option('show_avatars') && 'single' != $mode ) |
| 556 | add_filter( 'comment_author', 'floated_admin_avatar' ); |
| 557 | |
| 558 | $x = new WP_Ajax_Response(); |
| 559 | |
| 560 | ob_start(); |
| 561 | if ( 'dashboard' == $mode ) { |
| 562 | require_once( ABSPATH . 'wp-admin/includes/dashboard.php' ); |
| 563 | _wp_dashboard_recent_comments_row( $comment, false ); |
| 564 | } else { |
| 565 | _wp_comment_row( $comment->comment_ID, $mode, false, $checkbox ); |
| 566 | } |
| 567 | $comment_list_item = ob_get_contents(); |
| 568 | ob_end_clean(); |
| 569 | |
| 570 | $x->add( array( |
| 571 | 'what' => 'comment', |
| 572 | 'id' => $comment->comment_ID, |
| 573 | 'data' => $comment_list_item, |
| 574 | 'position' => $position |
| 575 | )); |
| 576 | |
| 577 | $x->send(); |
| 578 | break; |
| 579 | case 'edit-comment' : |
| 580 | check_ajax_referer( 'replyto-comment' ); |
| 581 | |
| 582 | $comment_post_ID = (int) $_POST['comment_post_ID']; |
| 583 | if ( ! current_user_can( 'edit_post', $comment_post_ID ) ) |
| 584 | die('-1'); |
| 585 | |
| 586 | if ( '' == $_POST['content'] ) |
| 587 | die( __('Error: please type a comment.') ); |
| 588 | |
| 589 | $comment_id = (int) $_POST['comment_ID']; |
| 590 | $_POST['comment_status'] = $_POST['status']; |
| 591 | edit_comment(); |
| 592 | |
| 593 | $mode = ( isset($_POST['mode']) && 'single' == $_POST['mode'] ) ? 'single' : 'detail'; |
| 594 | $position = ( isset($_POST['position']) && (int) $_POST['position']) ? (int) $_POST['position'] : '-1'; |
| 595 | $checkbox = ( isset($_POST['checkbox']) && true == $_POST['checkbox'] ) ? 1 : 0; |
| 596 | |
| 597 | if ( get_option('show_avatars') && 'single' != $mode ) |
| 598 | add_filter( 'comment_author', 'floated_admin_avatar' ); |
| 599 | |
| 600 | $x = new WP_Ajax_Response(); |
| 601 | |
| 602 | ob_start(); |
| 603 | _wp_comment_row( $comment_id, $mode, true, $checkbox ); |
| 604 | $comment_list_item = ob_get_contents(); |
| 605 | ob_end_clean(); |
| 606 | |
| 607 | $x->add( array( |
| 608 | 'what' => 'edit_comment', |
| 609 | 'id' => $comment->comment_ID, |
| 610 | 'data' => $comment_list_item, |
| 611 | 'position' => $position |
| 612 | )); |
| 613 | |
| 614 | $x->send(); |
| 615 | break; |
| 616 | case 'add-meta' : |
| 617 | check_ajax_referer( 'add-meta' ); |
| 618 | $c = 0; |
| 619 | $pid = (int) $_POST['post_id']; |
| 620 | if ( isset($_POST['metakeyselect']) || isset($_POST['metakeyinput']) ) { |
| 621 | if ( !current_user_can( 'edit_post', $pid ) ) |
| 622 | die('-1'); |
| 623 | if ( '#NONE#' == $_POST['metakeyselect'] && empty($_POST['metakeyinput']) ) |
| 624 | die('1'); |
| 625 | if ( $pid < 0 ) { |
| 626 | $now = current_time('timestamp', 1); |
| 627 | if ( $pid = wp_insert_post( array( |
| 628 | 'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now)) |
| 629 | ) ) ) { |
| 630 | if ( is_wp_error( $pid ) ) { |
| 631 | $x = new WP_Ajax_Response( array( |
| 632 | 'what' => 'meta', |
| 633 | 'data' => $pid |
| 634 | ) ); |
| 635 | $x->send(); |
| 636 | } |
| 637 | $mid = add_meta( $pid ); |
| 638 | } else { |
| 639 | die('0'); |
| 640 | } |
| 641 | } else if ( !$mid = add_meta( $pid ) ) { |
| 642 | die('0'); |
| 643 | } |
| 644 | |
| 645 | $meta = get_post_meta_by_id( $mid ); |
| 646 | $pid = (int) $meta->post_id; |
| 647 | $meta = get_object_vars( $meta ); |
| 648 | $x = new WP_Ajax_Response( array( |
| 649 | 'what' => 'meta', |
| 650 | 'id' => $mid, |
| 651 | 'data' => _list_meta_row( $meta, $c ), |
| 652 | 'position' => 1, |
| 653 | 'supplemental' => array('postid' => $pid) |
| 654 | ) ); |
| 655 | } else { |
| 656 | $mid = (int) array_pop(array_keys($_POST['meta'])); |
| 657 | $key = $_POST['meta'][$mid]['key']; |
| 658 | $value = $_POST['meta'][$mid]['value']; |
| 659 | if ( !$meta = get_post_meta_by_id( $mid ) ) |
| 660 | die('0'); // if meta doesn't exist |
| 661 | if ( !current_user_can( 'edit_post', $meta->post_id ) ) |
| 662 | die('-1'); |
| 663 | if ( !$u = update_meta( $mid, $key, $value ) ) |
| 664 | die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems). |
| 665 | $key = stripslashes($key); |
| 666 | $value = stripslashes($value); |
| 667 | $x = new WP_Ajax_Response( array( |
| 668 | 'what' => 'meta', |
| 669 | 'id' => $mid, 'old_id' => $mid, |
| 670 | 'data' => _list_meta_row( array( |
| 671 | 'meta_key' => $key, |
| 672 | 'meta_value' => $value, |
| 673 | 'meta_id' => $mid |
| 674 | ), $c ), |
| 675 | 'position' => 0, |
| 676 | 'supplemental' => array('postid' => $meta->post_id) |
| 677 | ) ); |
| 678 | } |
| 679 | $x->send(); |
| 680 | break; |
| 681 | case 'add-user' : |
| 682 | check_ajax_referer( $action ); |
| 683 | if ( !current_user_can('create_users') ) |
| 684 | die('-1'); |
| 685 | require_once(ABSPATH . WPINC . '/registration.php'); |
| 686 | if ( !$user_id = add_user() ) |
| 687 | die('0'); |
| 688 | elseif ( is_wp_error( $user_id ) ) { |
| 689 | $x = new WP_Ajax_Response( array( |
| 690 | 'what' => 'user', |
| 691 | 'id' => $user_id |
| 692 | ) ); |
| 693 | $x->send(); |
| 694 | } |
| 695 | $user_object = new WP_User( $user_id ); |
| 696 | |
| 697 | $x = new WP_Ajax_Response( array( |
| 698 | 'what' => 'user', |
| 699 | 'id' => $user_id, |
| 700 | 'data' => user_row( $user_object, '', $user_object->roles[0] ), |
| 701 | 'supplemental' => array( |
| 702 | 'show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login), |
| 703 | 'role' => $user_object->roles[0] |
| 704 | ) |
| 705 | ) ); |
| 706 | $x->send(); |
| 707 | break; |
| 708 | case 'autosave' : // The name of this action is hardcoded in edit_post() |
| 709 | define( 'DOING_AUTOSAVE', true ); |
| 710 | |
| 711 | $nonce_age = check_ajax_referer( 'autosave', 'autosavenonce' ); |
| 712 | global $current_user; |
| 713 | |
| 714 | $_POST['post_category'] = explode(",", $_POST['catslist']); |
| 715 | $_POST['tags_input'] = explode(",", $_POST['tags_input']); |
| 716 | if($_POST['post_type'] == 'page' || empty($_POST['post_category'])) |
| 717 | unset($_POST['post_category']); |
| 718 | |
| 719 | $do_autosave = (bool) $_POST['autosave']; |
| 720 | $do_lock = true; |
| 721 | |
| 722 | $data = ''; |
| 723 | $message = sprintf( __('Draft Saved at %s.'), date( __('g:i:s a'), current_time( 'timestamp', true ) ) ); |
| 724 | |
| 725 | $supplemental = array(); |
| 726 | |
| 727 | $id = $revision_id = 0; |
| 728 | if($_POST['post_ID'] < 0) { |
| 729 | $_POST['post_status'] = 'draft'; |
| 730 | $_POST['temp_ID'] = $_POST['post_ID']; |
| 731 | if ( $do_autosave ) { |
| 732 | $id = wp_write_post(); |
| 733 | $data = $message; |
| 734 | } |
| 735 | } else { |
| 736 | $post_ID = (int) $_POST['post_ID']; |
| 737 | $_POST['ID'] = $post_ID; |
| 738 | $post = get_post($post_ID); |
| 739 | |
| 740 | if ( $last = wp_check_post_lock( $post->ID ) ) { |
| 741 | $do_autosave = $do_lock = false; |
| 742 | |
| 743 | $last_user = get_userdata( $last ); |
| 744 | $last_user_name = $last_user ? $last_user->display_name : __( 'Someone' ); |
| 745 | $data = new WP_Error( 'locked', sprintf( |
| 746 | $_POST['post_type'] == 'page' ? __( 'Autosave disabled: %s is currently editing this page.' ) : __( 'Autosave disabled: %s is currently editing this post.' ), |
| 747 | wp_specialchars( $last_user_name ) |
| 748 | ) ); |
| 749 | |
| 750 | $supplemental['disable_autosave'] = 'disable'; |
| 751 | } |
| 752 | |
| 753 | if ( 'page' == $post->post_type ) { |
| 754 | if ( !current_user_can('edit_page', $post_ID) ) |
| 755 | die(__('You are not allowed to edit this page.')); |
| 756 | } else { |
| 757 | if ( !current_user_can('edit_post', $post_ID) ) |
| 758 | die(__('You are not allowed to edit this post.')); |
| 759 | } |
| 760 | |
| 761 | if ( $do_autosave ) { |
| 762 | // Drafts are just overwritten by autosave |
| 763 | if ( 'draft' == $post->post_status ) { |
| 764 | $id = edit_post(); |
| 765 | } else { // Non drafts are not overwritten. The autosave is stored in a special post revision. |
| 766 | $revision_id = wp_create_post_autosave( $post->ID ); |
| 767 | if ( is_wp_error($revision_id) ) |
| 768 | $id = $revision_id; |
| 769 | else |
| 770 | $id = $post->ID; |
| 771 | } |
| 772 | $data = $message; |
| 773 | } else { |
| 774 | $id = $post->ID; |
| 775 | } |
| 776 | } |
| 777 | |
| 778 | if ( $do_lock && $id && is_numeric($id) ) |
| 779 | wp_set_post_lock( $id ); |
| 780 | |
| 781 | if ( $nonce_age == 2 ) { |
| 782 | $supplemental['replace-autosavenonce'] = wp_create_nonce('autosave'); |
| 783 | $supplemental['replace-getpermalinknonce'] = wp_create_nonce('getpermalink'); |
| 784 | $supplemental['replace-samplepermalinknonce'] = wp_create_nonce('samplepermalink'); |
| 785 | $supplemental['replace-closedpostboxesnonce'] = wp_create_nonce('closedpostboxes'); |
| 786 | if ( $id ) { |
| 787 | if ( $_POST['post_type'] == 'post' ) |
| 788 | $supplemental['replace-_wpnonce'] = wp_create_nonce('update-post_' . $id); |
| 789 | elseif ( $_POST['post_type'] == 'page' ) |
| 790 | $supplemental['replace-_wpnonce'] = wp_create_nonce('update-page_' . $id); |
| 791 | } |
| 792 | } |
| 793 | |
| 794 | $x = new WP_Ajax_Response( array( |
| 795 | 'what' => 'autosave', |
| 796 | 'id' => $id, |
| 797 | 'data' => $id ? $data : '', |
| 798 | 'supplemental' => $supplemental |
| 799 | ) ); |
| 800 | $x->send(); |
| 801 | break; |
| 802 | case 'autosave-generate-nonces' : |
| 803 | check_ajax_referer( 'autosave', 'autosavenonce' ); |
| 804 | $ID = (int) $_POST['post_ID']; |
| 805 | if($_POST['post_type'] == 'post') { |
| 806 | if(current_user_can('edit_post', $ID)) |
| 807 | die(wp_create_nonce('update-post_' . $ID)); |
| 808 | } |
| 809 | if($_POST['post_type'] == 'page') { |
| 810 | if(current_user_can('edit_page', $ID)) { |
| 811 | die(wp_create_nonce('update-page_' . $ID)); |
| 812 | } |
| 813 | } |
| 814 | die('0'); |
| 815 | break; |
| 816 | case 'closed-postboxes' : |
| 817 | check_ajax_referer( 'closedpostboxes', 'closedpostboxesnonce' ); |
| 818 | $closed = isset( $_POST['closed'] )? $_POST['closed'] : ''; |
| 819 | $closed = explode( ',', $_POST['closed'] ); |
| 820 | $hidden = isset( $_POST['hidden'] )? $_POST['hidden'] : ''; |
| 821 | $hidden = explode( ',', $_POST['hidden'] ); |
| 822 | $page = isset( $_POST['page'] )? $_POST['page'] : ''; |
| 823 | if ( !preg_match( '/^[a-z-_]+$/', $page ) ) { |
| 824 | die(-1); |
| 825 | } |
| 826 | $current_user = wp_get_current_user(); |
| 827 | if ( is_array($closed) ) |
| 828 | update_usermeta($current_user->ID, 'closedpostboxes_'.$page, $closed); |
| 829 | if ( is_array($hidden) ) |
| 830 | update_usermeta($current_user->ID, 'meta-box-hidden_'.$page, $hidden); |
| 831 | break; |
| 832 | case 'hidden-columns' : |
| 833 | check_ajax_referer( 'hiddencolumns', 'hiddencolumnsnonce' ); |
| 834 | $hidden = isset( $_POST['hidden'] )? $_POST['hidden'] : ''; |
| 835 | $hidden = explode( ',', $_POST['hidden'] ); |
| 836 | $page = isset( $_POST['page'] )? $_POST['page'] : ''; |
| 837 | if ( !preg_match( '/^[a-z-_]+$/', $page ) ) { |
| 838 | die(-1); |
| 839 | } |
| 840 | $current_user = wp_get_current_user(); |
| 841 | if ( is_array($hidden) ) |
| 842 | update_usermeta($current_user->ID, "manage-$page-columns-hidden", $hidden); |
| 843 | break; |
| 844 | case 'get-permalink': |
| 845 | check_ajax_referer( 'getpermalink', 'getpermalinknonce' ); |
| 846 | $post_id = isset($_POST['post_id'])? intval($_POST['post_id']) : 0; |
| 847 | die(add_query_arg(array('preview' => 'true'), get_permalink($post_id))); |
| 848 | break; |
| 849 | case 'sample-permalink': |
| 850 | check_ajax_referer( 'samplepermalink', 'samplepermalinknonce' ); |
| 851 | $post_id = isset($_POST['post_id'])? intval($_POST['post_id']) : 0; |
| 852 | $title = isset($_POST['new_title'])? $_POST['new_title'] : ''; |
| 853 | $slug = isset($_POST['new_slug'])? $_POST['new_slug'] : ''; |
| 854 | die(get_sample_permalink_html($post_id, $title, $slug)); |
| 855 | break; |
| 856 | case 'inline-save': |
| 857 | check_ajax_referer( 'inlineeditnonce', '_inline_edit' ); |
| 858 | |
| 859 | if ( ! isset($_POST['post_ID']) || ! ( $post_ID = (int) $_POST['post_ID'] ) ) |
| 860 | exit; |
| 861 | |
| 862 | if ( 'page' == $_POST['post_type'] ) { |
| 863 | if ( ! current_user_can( 'edit_page', $post_ID ) ) |
| 864 | die( __('You are not allowed to edit this page.') ); |
| 865 | } else { |
| 866 | if ( ! current_user_can( 'edit_post', $post_ID ) ) |
| 867 | die( __('You are not allowed to edit this post.') ); |
| 868 | } |
| 869 | |
| 870 | if ( $last = wp_check_post_lock( $post_ID ) ) { |
| 871 | $last_user = get_userdata( $last ); |
| 872 | $last_user_name = $last_user ? $last_user->display_name : __( 'Someone' ); |
| 873 | printf( $_POST['post_type'] == 'page' ? __( 'Saving is disabled: %s is currently editing this page.' ) : __( 'Saving is disabled: %s is currently editing this post.' ), wp_specialchars( $last_user_name ) ); |
| 874 | exit; |
| 875 | } |
| 876 | |
| 877 | $data = &$_POST; |
| 878 | $post = get_post( $post_ID, ARRAY_A ); |
| 879 | $data['content'] = $post['post_content']; |
| 880 | $data['excerpt'] = $post['post_excerpt']; |
| 881 | |
| 882 | // rename |
| 883 | $data['user_ID'] = $GLOBALS['user_ID']; |
| 884 | |
| 885 | if ( isset($data['post_parent']) ) |
| 886 | $data['parent_id'] = $data['post_parent']; |
| 887 | |
| 888 | // status |
| 889 | if ( isset($data['keep_private']) && 'private' == $data['keep_private'] ) |
| 890 | $data['post_status'] = 'private'; |
| 891 | else |
| 892 | $data['post_status'] = $data['_status']; |
| 893 | |
| 894 | if ( empty($data['comment_status']) ) |
| 895 | $data['comment_status'] = 'closed'; |
| 896 | if ( empty($data['ping_status']) ) |
| 897 | $data['ping_status'] = 'closed'; |
| 898 | |
| 899 | // update the post |
| 900 | $_POST = $data; |
| 901 | edit_post(); |
| 902 | |
| 903 | $post = array(); |
| 904 | if ( 'page' == $_POST['post_type'] ) { |
| 905 | $post[] = get_post($_POST['post_ID']); |
| 906 | page_rows($post); |
| 907 | } elseif ( 'post' == $_POST['post_type'] ) { |
| 908 | $mode = $_POST['post_view']; |
| 909 | $post[] = get_post($_POST['post_ID']); |
| 910 | post_rows($post); |
| 911 | } |
| 912 | |
| 913 | exit; |
| 914 | break; |
| 915 | case 'inline-save-tax': |
| 916 | check_ajax_referer( 'taxinlineeditnonce', '_inline_edit' ); |
| 917 | |
| 918 | if ( ! current_user_can('manage_categories') ) |
| 919 | die( __('Cheatin’ uh?') ); |
| 920 | |
| 921 | if ( ! isset($_POST['tax_ID']) || ! ( $id = (int) $_POST['tax_ID'] ) ) |
| 922 | die(-1); |
| 923 | |
| 924 | switch ($_POST['tax_type']) { |
| 925 | case 'cat' : |
| 926 | $data = array(); |
| 927 | $data['cat_ID'] = $id; |
| 928 | $data['cat_name'] = $_POST['name']; |
| 929 | $data['category_nicename'] = $_POST['slug']; |
| 930 | if ( isset($_POST['parent']) && (int) $_POST['parent'] > 0 ) |
| 931 | $data['category_parent'] = $_POST['parent']; |
| 932 | |
| 933 | $cat = get_category($id, ARRAY_A); |
| 934 | $data['category_description'] = $cat['category_description']; |
| 935 | |
| 936 | $updated = wp_update_category($data); |
| 937 | |
| 938 | if ( $updated && !is_wp_error($updated) ) |
| 939 | echo _cat_row( $updated, 0 ); |
| 940 | else |
| 941 | die( __('Category not updated.') ); |
| 942 | |
| 943 | break; |
| 944 | case 'link-cat' : |
| 945 | $updated = wp_update_term($id, 'link_category', $_POST); |
| 946 | |
| 947 | if ( $updated && !is_wp_error($updated) ) |
| 948 | echo link_cat_row($updated['term_id']); |
| 949 | else |
| 950 | die( __('Category not updated.') ); |
| 951 | |
| 952 | break; |
| 953 | case 'tag' : |
| 954 | $updated = wp_update_term($id, 'post_tag', $_POST); |
| 955 | if ( $updated && !is_wp_error($updated) ) { |
| 956 | $tag = get_term( $updated['term_id'], 'post_tag' ); |
| 957 | if ( !$tag || is_wp_error( $tag ) ) |
| 958 | die( __('Tag not updated.') ); |
| 959 | |
| 960 | echo _tag_row($tag); |
| 961 | } else { |
| 962 | die( __('Tag not updated.') ); |
| 963 | } |
| 964 | |
| 965 | break; |
| 966 | } |
| 967 | |
| 968 | exit; |
| 969 | break; |
| 970 | case 'meta-box-order': |
| 971 | check_ajax_referer( 'meta-box-order' ); |
| 972 | update_user_option( $GLOBALS['current_user']->ID, "meta-box-order_$_POST[page]", $_POST['order'] ); |
| 973 | die('1'); |
| 974 | break; |
| 975 | case 'find_posts': |
| 976 | check_ajax_referer( 'find-posts' ); |
| 977 | |
| 978 | if ( empty($_POST['ps']) ) |
| 979 | exit; |
| 980 | |
| 981 | $what = isset($_POST['pages']) ? 'page' : 'post'; |
| 982 | $s = stripslashes($_POST['ps']); |
| 983 | preg_match_all('/".*?("|$)|((?<=[\\s",+])|^)[^\\s",+]+/', $s, $matches); |
| 984 | $search_terms = array_map(create_function('$a', 'return trim($a, "\\"\'\\n\\r ");'), $matches[0]); |
| 985 | |
| 986 | $searchand = $search = ''; |
| 987 | foreach( (array) $search_terms as $term) { |
| 988 | $term = addslashes_gpc($term); |
| 989 | $search .= "{$searchand}(($wpdb->posts.post_title LIKE '%{$term}%') OR ($wpdb->posts.post_content LIKE '%{$term}%'))"; |
| 990 | $searchand = ' AND '; |
| 991 | } |
| 992 | $term = $wpdb->escape($s); |
| 993 | if ( count($search_terms) > 1 && $search_terms[0] != $s ) |
| 994 | $search .= " OR ($wpdb->posts.post_title LIKE '%{$term}%') OR ($wpdb->posts.post_content LIKE '%{$term}%')"; |
| 995 | |
| 996 | $posts = $wpdb->get_results( "SELECT ID, post_title, post_status, post_date FROM $wpdb->posts WHERE post_type = '$what' AND $search ORDER BY post_date_gmt DESC LIMIT 50" ); |
| 997 | |
| 998 | if ( ! $posts ) |
| 999 | exit( __('No posts found.') ); |
| 1000 | |
| 1001 | $html = '<table class="widefat"><thead><tr><th class="found-radio"><br /></th><th>'.__('Title').'</th><th>'.__('Time').'</th><th>'.__('Status').'</th></tr></thead><tbody>'; |
| 1002 | foreach ( $posts as $post ) { |
| 1003 | |
| 1004 | switch ( $post->post_status ) { |
| 1005 | case 'publish' : |
| 1006 | case 'private' : |
| 1007 | $stat = __('Published'); |
| 1008 | break; |
| 1009 | case 'future' : |
| 1010 | $stat = __('Scheduled'); |
| 1011 | break; |
| 1012 | case 'pending' : |
| 1013 | $stat = __('Pending Review'); |
| 1014 | break; |
| 1015 | case 'draft' : |
| 1016 | $stat = __('Unpublished'); |
| 1017 | break; |
| 1018 | } |
| 1019 | |
| 1020 | if ( '0000-00-00 00:00:00' == $post->post_date ) { |
| 1021 | $time = ''; |
| 1022 | } else { |
| 1023 | $time = mysql2date(__('Y/m/d'), $post->post_date); |
| 1024 | } |
| 1025 | |
| 1026 | $html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-'.$post->ID.'" name="found_post_id" value="'.$post->ID.'"></td>'; |
| 1027 | $html .= '<td><label for="found-'.$post->ID.'">'.wp_specialchars($post->post_title, true).'</label></td><td>'.wp_specialchars($time, true).'</td><td>'.wp_specialchars($stat, true).'</td></tr>'."\n\n"; |
| 1028 | } |
| 1029 | $html .= '</tbody></table>'; |
| 1030 | |
| 1031 | $x = new WP_Ajax_Response(); |
| 1032 | $x->add( array( |
| 1033 | 'what' => $what, |
| 1034 | 'data' => $html |
| 1035 | )); |
| 1036 | $x->send(); |
| 1037 | |
| 1038 | break; |
| 1039 | default : |
| 1040 | do_action( 'wp_ajax_' . $_POST['action'] ); |
| 1041 | die('0'); |
| 1042 | break; |
| 1043 | endswitch; |
| 1044 | ?> |