admin-functions.php
<?php
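/**
 * Creates a new post from the "Write Post" form using $_POST information.
 *
 * Normalises the submitted fields in place inside $_POST (field renames,
 * author, status, comment/ping status, optional date), passes the whole
 * array to wp_insert_post(), then adds meta data and re-parents attachments.
 *
 * Ends the request with die() when the current user lacks 'edit_posts',
 * names another author without 'edit_others_posts', or saves a page without
 * 'edit_pages'.
 *
 * NOTE(review): no nonce/referer check is visible in this function; the
 * calling admin page presumably performs one - confirm.
 *
 * @return mixed Whatever wp_insert_post() returned (used here as the post ID).
 */
function write_post() {
    global $user_ID;

    if (!current_user_can('edit_posts')) {
        die(__('You are not allowed to create posts or drafts on this blog.'));
    }

    // Rename form fields to the keys handed to wp_insert_post().
    $_POST['post_content'] = $_POST['content'];
    $_POST['post_excerpt'] = $_POST['excerpt'];
    $_POST['post_parent'] = $_POST['parent_id'];
    $_POST['to_ping'] = $_POST['trackback_url'];

    // Added for XPress: the author override is always discarded, so the
    // branch that used to read it could never run and has been dropped.
    $_POST['post_author_override'] = null;

    // The author check must compare against the authenticated user, not
    // against $_POST['user_ID']: that is a form field the client controls,
    // so comparing two submitted values authorises nothing.
    // Assumes the global $user_ID holds the logged-in user's ID, as the
    // previously unused "global $user_ID" declaration suggests - confirm.
    $current_id = (int) $user_ID;
    $_POST['user_ID'] = $current_id;

    if (!empty($_POST['post_author'])) {
        $_POST['post_author'] = (int) $_POST['post_author'];
    } else {
        $_POST['post_author'] = $current_id;
    }

    if ($_POST['post_author'] != $current_id && !current_user_can('edit_others_posts')) {
        die(__('You cannot post as this user.'));
    }

    // What to do based on which button they pressed. Later entries win,
    // exactly as the original chain of independent ifs did.
    $button_status = array(
        'saveasdraft'   => 'draft',
        'saveasprivate' => 'private',
        'publish'       => 'publish',
        'advanced'      => 'draft',
        'savepage'      => 'static',
    );
    foreach ($button_status as $button => $status) {
        if (isset($_POST[$button]) && '' != $_POST[$button]) {
            $_POST['post_status'] = $status;
        }
    }

    $requested_status = isset($_POST['post_status']) ? $_POST['post_status'] : '';

    // Users who may not publish are silently downgraded to a draft.
    if ('publish' == $requested_status && !current_user_can('publish_posts')) {
        $_POST['post_status'] = 'draft';
    }

    if ('static' == $requested_status && !current_user_can('edit_pages')) {
        die(__('This user cannot edit pages.'));
    }

    if (!isset($_POST['comment_status'])) {
        $_POST['comment_status'] = 'closed';
    }

    if (!isset($_POST['ping_status'])) {
        $_POST['ping_status'] = 'closed';
    }

    if (!empty($_POST['edit_date'])) {
        // The six date parts are untrusted request values that end up in a
        // date string passed on for storage; force them to integers so only
        // digits (and a sign) can reach it. Ranges are only adjusted the way
        // the original did, not fully validated.
        $aa = (int) $_POST['aa'];
        $mm = (int) $_POST['mm'];
        $jj = (int) $_POST['jj'];
        $hh = (int) $_POST['hh'];
        $mn = (int) $_POST['mn'];
        $ss = (int) $_POST['ss'];
        $jj = ($jj > 31) ? 31 : $jj;
        $hh = ($hh > 23) ? $hh - 24 : $hh;
        $mn = ($mn > 59) ? $mn - 60 : $mn;
        $ss = ($ss > 59) ? $ss - 60 : $ss;
        $stamp = sprintf('%04d-%02d-%02d %02d:%02d:%02d', $aa, $mm, $jj, $hh, $mn, $ss);
        $_POST['post_date'] = $stamp;
        $_POST['post_date_gmt'] = get_gmt_from_date($stamp);
    }

    // Create the post.
    $post_ID = wp_insert_post($_POST);
    add_meta($post_ID);

    // Reunite any orphaned attachments with their parent.
    if (!empty($_POST['temp_ID'])) {
        relocate_children($_POST['temp_ID'], $post_ID);
    }

    // Now that we have an ID we can fix any attachment anchor hrefs.
    fix_attachment_links($post_ID);

    return $post_ID;
}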
/**
 * Move child posts to a new parent.
 *
 * Rewrites post_parent for every row in the posts table that currently
 * points at $old_ID so that it points at $new_ID instead.
 *
 * @param mixed $old_ID Current parent ID; cast to int before use.
 * @param mixed $new_ID Replacement parent ID; cast to int before use.
 * @return mixed Whatever $wpdb->query() returns for the UPDATE.
 */
function relocate_children($old_ID, $new_ID) {
    global $wpdb;

    // Both values are interpolated straight into the SQL text, so the
    // integer casts are what keeps this statement safe.
    $from = (int) $old_ID;
    $to = (int) $new_ID;

    $sql = "UPDATE $wpdb->posts SET post_parent = $to WHERE post_parent = $from";

    return $wpdb->query($sql);
}
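/**
 * Replace hrefs of attachment anchors with up-to-date permalinks.
 *
 * Scans the post content for <a> tags whose rel attribute mentions
 * "attachment", reads the attachment ID from the tag's id="pNNN" attribute,
 * adopts attachments whose recorded parent is not a post object, and swaps
 * each href for the value of get_attachment_link().
 *
 * @param mixed $post_ID ID of the post whose content is rewritten.
 * @return mixed Nothing when no attachment anchor is found, otherwise the
 *               result of wp_update_post().
 */
function fix_attachment_links($post_ID) {
    $post = & get_post($post_ID, ARRAY_A);

    // The 'e' modifier was dropped from this pattern: it has no meaning for
    // a match, and PHP versions without that modifier reject the pattern,
    // which made this function return early every time.
    $search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#i";

    // See if we have any rel="attachment" links.
    if ( 0 == preg_match_all($search, $post['post_content'], $anchor_matches, PREG_PATTERN_ORDER) ) {
        return;
    }

    // Initialised up front so str_replace() below gets arrays even when
    // every anchor is skipped.
    $post_search = array();
    $post_replace = array();

    $search = "# id=(\"|')p(\d+)\\1#i";
    foreach ( $anchor_matches[0] as $anchor ) {
        if ( 0 == preg_match($search, $anchor, $id_matches) ) {
            continue;
        }

        // Digits only, guaranteed by the (\d+) group above.
        $id = $id_matches[2];

        // While we have the attachment ID, let's adopt any orphans.
        $attachment = & get_post($id, ARRAY_A);
        if ( ! empty($attachment) && ! is_object(get_post($attachment['post_parent'])) ) {
            $attachment['post_parent'] = $post_ID;
            // Escape data pulled from DB.
            $attachment = add_magic_quotes($attachment);
            wp_update_post($attachment);
        }

        // The original built this replacement with the 'e' (evaluate as PHP)
        // modifier, which runs the replacement string as code and no longer
        // exists in current PHP. A plain replacement gives the same output;
        // backslashes and dollar signs in the link are escaped so they are
        // not read as back-references.
        $link = strtr(get_attachment_link($id), array('\\' => '\\\\', '$' => '\\$'));

        $post_search[] = $anchor;
        $post_replace[] = preg_replace("#href=(\"|')[^'\"]*\\1#", 'href=${1}' . $link . '${1}', $anchor);
    }

    $post['post_content'] = str_replace($post_search, $post_replace, $post['post_content']);

    // Escape data pulled from DB.
    $post = add_magic_quotes($post);

    return wp_update_post($post);
}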
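/**
 * Update an existing post with values provided in $_POST.
 *
 * Normalises the submitted fields in place inside $_POST, applies the
 * submitted meta updates and deletions, then calls wp_update_post().
 *
 * Ends the request with die() when the current user may not edit the post,
 * names another author without 'edit_others_posts', or saves a page without
 * 'edit_pages'.
 *
 * NOTE(review): no nonce/referer check is visible in this function; the
 * calling admin page presumably performs one - confirm.
 *
 * @return int The ID of the post that was edited.
 */
function edit_post() {
    global $user_ID;

    $post_ID = (int) $_POST['post_ID'];

    if (!current_user_can('edit_post', $post_ID)) {
        die(__('You are not allowed to edit this post.'));
    }

    // Rename form fields to the keys handed to wp_update_post().
    $_POST['ID'] = $post_ID;
    $_POST['post_content'] = $_POST['content'];
    $_POST['post_excerpt'] = $_POST['excerpt'];
    $_POST['post_parent'] = $_POST['parent_id'];
    $_POST['to_ping'] = $_POST['trackback_url'];

    // Added for XPress: the author override is always discarded, so the
    // branch that used to read it could never run and has been dropped.
    $_POST['post_author_override'] = null;

    // The author check must compare against the authenticated user, not
    // against $_POST['user_ID']: that is a form field the client controls,
    // so comparing two submitted values authorises nothing.
    // Assumes the global $user_ID holds the logged-in user's ID, as the
    // previously unused "global $user_ID" declaration suggests - confirm.
    $current_id = (int) $user_ID;
    $_POST['user_ID'] = $current_id;

    if (!empty($_POST['post_author'])) {
        $_POST['post_author'] = (int) $_POST['post_author'];
    } else {
        $_POST['post_author'] = $current_id;
    }

    if ($_POST['post_author'] != $current_id && !current_user_can('edit_others_posts')) {
        die(__('You cannot post as this user.'));
    }

    // What to do based on which button they pressed. Later entries win,
    // exactly as the original chain of independent ifs did.
    $button_status = array(
        'saveasdraft'   => 'draft',
        'saveasprivate' => 'private',
        'publish'       => 'publish',
        'advanced'      => 'draft',
        'savepage'      => 'static',
    );
    foreach ($button_status as $button => $status) {
        if (isset($_POST[$button]) && '' != $_POST[$button]) {
            $_POST['post_status'] = $status;
        }
    }

    $requested_status = isset($_POST['post_status']) ? $_POST['post_status'] : '';

    // Users who may not publish are silently downgraded to a draft.
    if ('publish' == $requested_status && !current_user_can('publish_posts')) {
        $_POST['post_status'] = 'draft';
    }

    if ('static' == $requested_status && !current_user_can('edit_pages')) {
        die(__('This user cannot edit pages.'));
    }

    if (!isset($_POST['comment_status'])) {
        $_POST['comment_status'] = 'closed';
    }

    if (!isset($_POST['ping_status'])) {
        $_POST['ping_status'] = 'closed';
    }

    if (!empty($_POST['edit_date'])) {
        // The six date parts are untrusted request values that end up in a
        // date string passed on for storage; force them to integers so only
        // digits (and a sign) can reach it. Ranges are only adjusted the way
        // the original did, not fully validated.
        $aa = (int) $_POST['aa'];
        $mm = (int) $_POST['mm'];
        $jj = (int) $_POST['jj'];
        $hh = (int) $_POST['hh'];
        $mn = (int) $_POST['mn'];
        $ss = (int) $_POST['ss'];
        $jj = ($jj > 31) ? 31 : $jj;
        $hh = ($hh > 23) ? $hh - 24 : $hh;
        $mn = ($mn > 59) ? $mn - 60 : $mn;
        $ss = ($ss > 59) ? $ss - 60 : $ss;
        $stamp = sprintf('%04d-%02d-%02d %02d:%02d:%02d', $aa, $mm, $jj, $hh, $mn, $ss);
        $_POST['post_date'] = $stamp;
        $_POST['post_date_gmt'] = get_gmt_from_date($stamp);
    }

    // Meta Stuff.
    // NOTE(review): the meta IDs used in the two loops below are array keys
    // taken from the request, and nothing in this function ties them to
    // $post_ID. Whether update_meta()/delete_meta() verify that the row
    // belongs to this post is not visible here - confirm, otherwise the
    // 'edit_post' check above does not cover the rows being changed.
    if (!empty($_POST['meta']) && is_array($_POST['meta'])) {
        foreach ($_POST['meta'] as $key => $value) {
            update_meta($key, $value['key'], $value['value']);
        }
    }

    if (!empty($_POST['deletemeta']) && is_array($_POST['deletemeta'])) {
        foreach ($_POST['deletemeta'] as $key => $value) {
            delete_meta($key);
        }
    }

    add_meta($post_ID);

    wp_update_post($_POST);

    // Now that we have an ID we can fix any attachment anchor hrefs.
    fix_attachment_links($post_ID);

    return $post_ID;
}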
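/**
 * Update an existing comment with values provided in $_POST.
 *
 * Renames the submitted form fields to the comment_* keys, optionally
 * rebuilds the comment date, and passes $_POST to wp_update_comment().
 *
 * Ends the request with die() when the comment cannot be loaded or the
 * current user may not edit the post it belongs to.
 *
 * NOTE(review): no nonce/referer check is visible in this function; the
 * calling admin page presumably performs one - confirm.
 */
function edit_comment() {
    $comment_ID = (int) $_POST['comment_ID'];

    // Authorise against the post the stored comment belongs to. The original
    // checked 'edit_post' on $_POST['comment_post_ID'], a value the client
    // submits alongside comment_ID, so the permission check and the comment
    // being changed were not tied together.
    // Assumes get_comment() returns the stored row with a comment_post_ID
    // field - confirm against its definition.
    $comment = get_comment($comment_ID);
    if (empty($comment) || !current_user_can('edit_post', (int) $comment->comment_post_ID)) {
        die(__('You are not allowed to edit comments on this post, so you cannot edit this comment.'));
    }

    // Rename form fields to the keys handed to wp_update_comment().
    $_POST['comment_author'] = $_POST['newcomment_author'];
    $_POST['comment_author_email'] = $_POST['newcomment_author_email'];
    $_POST['comment_author_url'] = $_POST['newcomment_author_url'];
    $_POST['comment_approved'] = $_POST['comment_status'];
    $_POST['comment_content'] = $_POST['content'];
    $_POST['comment_ID'] = $comment_ID;

    if (!empty($_POST['edit_date'])) {
        // The six date parts are untrusted request values that end up in a
        // date string passed on for storage; force them to integers so only
        // digits (and a sign) can reach it. Ranges are only adjusted the way
        // the original did, not fully validated.
        $aa = (int) $_POST['aa'];
        $mm = (int) $_POST['mm'];
        $jj = (int) $_POST['jj'];
        $hh = (int) $_POST['hh'];
        $mn = (int) $_POST['mn'];
        $ss = (int) $_POST['ss'];
        $jj = ($jj > 31) ? 31 : $jj;
        $hh = ($hh > 23) ? $hh - 24 : $hh;
        $mn = ($mn > 59) ? $mn - 60 : $mn;
        $ss = ($ss > 59) ? $ss - 60 : $ss;
        $_POST['comment_date'] = sprintf('%04d-%02d-%02d %02d:%02d:%02d', $aa, $mm, $jj, $hh, $mn, $ss);
    }

    wp_update_comment($_POST);
}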
/**
 * Get an existing post and format it for editing.
 *
 * Sets the global $richedit from the 'rich_editing' user option, then runs
 * content, excerpt and title through format_to_edit() and their *_edit_pre
 * filters. Posts with status 'static' also get their page template loaded.
 *
 * NOTE(review): no capability check happens here; callers presumably
 * decide whether the current user may open this post - confirm.
 *
 * @param mixed $id ID of the post to load.
 * @return object The post object with its editable fields prepared.
 */
function get_post_to_edit($id) {
    global $richedit;

    $richedit = ('true' == get_user_option('rich_editing'));

    $post = get_post($id);

    // Only the content honours the rich-editor flag; excerpt and title use
    // format_to_edit()'s default.
    $post->post_content = apply_filters('content_edit_pre', format_to_edit($post->post_content, $richedit));
    $post->post_excerpt = apply_filters('excerpt_edit_pre', format_to_edit($post->post_excerpt));
    $post->post_title = apply_filters('title_edit_pre', format_to_edit($post->post_title));

    if ('static' == $post->post_status) {
        $post->page_template = get_post_meta($id, '_wp_page_template', true);
    }

    return $post;
}
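/**
 * Default post information to use when populating the "Write Post" form.
 *
 * Title, content and excerpt may be pre-filled from request parameters
 * (post_title / popuptitle, content / text + popupurl, excerpt); everything
 * else comes from the blog settings or fixed defaults.
 *
 * All request values are untrusted: anyone can craft a link that opens this
 * form with chosen parameters, so each one is escaped before it is used.
 *
 * @return object A post-like object holding the default field values.
 */
function get_default_post_to_edit() {
    $post_title = '';
    if ( !empty($_REQUEST['post_title']) ) {
        $post_title = wp_specialchars(stripslashes($_REQUEST['post_title']));
    } else if ( !empty($_REQUEST['popuptitle']) ) {
        $post_title = wp_specialchars(stripslashes($_REQUEST['popuptitle']));
        $post_title = funky_javascript_fix($post_title);
    }

    // Initialised so the filter below never receives an undefined variable
    // when neither content nor a title was supplied.
    $post_content = '';
    if ( !empty($_REQUEST['content']) ) {
        $post_content = wp_specialchars(stripslashes($_REQUEST['content']));
    } else if ( !empty($post_title) ) {
        $raw_text = isset($_REQUEST['text']) ? $_REQUEST['text'] : '';
        $text = wp_specialchars(stripslashes(urldecode($raw_text)));
        $text = funky_javascript_fix($text);

        // This value lands inside a double-quoted href attribute, so quotes
        // have to be escaped as well. The second argument is the one this
        // file passes elsewhere for values edited inside attributes;
        // presumably it turns on quote conversion - confirm.
        // NOTE(review): the URL scheme is not restricted here; consider
        // allowing only expected schemes before building the link.
        $raw_url = isset($_REQUEST['popupurl']) ? $_REQUEST['popupurl'] : '';
        $popupurl = wp_specialchars($raw_url, 1);

        $post_content = '<a href="'.$popupurl.'">'.$post_title.'</a>'."\n$text";
    }

    $post_excerpt = '';
    if ( !empty($_REQUEST['excerpt']) ) {
        $post_excerpt = wp_specialchars(stripslashes($_REQUEST['excerpt']));
    }

    // Create the object explicitly: assigning properties to an undefined
    // variable is an error on current PHP versions.
    $post = new stdClass;
    $post->post_status = 'draft';
    $post->comment_status = get_settings('default_comment_status');
    $post->ping_status = get_settings('default_ping_status');
    $post->post_pingback = get_settings('default_pingback_flag');
    $post->post_category = get_settings('default_category');
    $post->post_content = apply_filters('default_content', $post_content);
    $post->post_title = apply_filters('default_title', $post_title);
    $post->post_excerpt = apply_filters('default_excerpt', $post_excerpt);
    $post->page_template = 'default';
    $post->post_parent = 0;
    $post->menu_order = 0;

    return $post;
}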
/**
 * Get an existing comment and format it for editing.
 *
 * Sets the global $richedit from the 'rich_editing' user option, runs the
 * comment body through format_to_edit() and the 'comment_edit_pre' filter,
 * and runs the author name, e-mail and URL through format_to_edit().
 *
 * NOTE(review): no capability check happens here; callers presumably
 * decide whether the current user may open this comment - confirm.
 *
 * @param mixed $id ID of the comment to load.
 * @return object The comment object with its editable fields prepared.
 */
function get_comment_to_edit($id) {
    global $richedit;

    $richedit = ('true' == get_user_option('rich_editing'));

    $comment = get_comment($id);

    // Only the body honours the rich-editor flag and has an edit filter.
    $body = format_to_edit($comment->comment_content, $richedit);
    $comment->comment_content = apply_filters('comment_edit_pre', $body);

    // Author fields: same order as before, default format_to_edit() mode.
    foreach (array('comment_author', 'comment_author_email', 'comment_author_url') as $field) {
        $comment->$field = format_to_edit($comment->$field);
    }

    return $comment;
}
/**
 * Get an existing category for editing.
 *
 * Returns get_category()'s result unchanged; no escaping or formatting is
 * applied here, so output escaping is left to whoever displays the fields.
 *
 * @param mixed $id ID of the category to load.
 * @return mixed Whatever get_category() returned.
 */
function get_category_to_edit($id) {
    return get_category($id);
}
/**
 * Creates a new user from the "Users" form using $_POST information.
 *
 * Calls edit_user() without a user ID, which makes it take its
 * create-a-user path.
 *
 * NOTE(review): neither this function nor the create path of edit_user()
 * checks a capability; the calling admin page presumably restricts who can
 * reach it - confirm.
 *
 * @return array Error messages keyed by field; empty when the user was created.
 */
function add_user() {
    $errors = edit_user();

    return $errors;
}
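/**
 * Create or update a user from the values submitted in $_POST.
 *
 * With $user_id = 0 a new user is inserted and a notification is sent;
 * otherwise the existing user is updated. Submitted text fields are trimmed
 * and passed through wp_specialchars() before being stored on the user
 * object handed to wp_insert_user() / wp_update_user().
 *
 * NOTE(review): this function does not check that the current user may
 * create users or edit $user_id; only the role change is gated (on
 * 'edit_users'). The calling admin page presumably enforces the rest -
 * confirm.
 *
 * @param int $user_id ID of the user to update, or 0 to create a new one.
 * @return array Error messages keyed by field; empty on success.
 */
function edit_user($user_id = 0) {
    global $current_user, $wp_roles, $wpdb;

    // Start from a real object. The original assigned properties to an
    // empty string (or an undefined variable), which current PHP versions
    // reject with an error.
    $user = new stdClass;
    if ($user_id != 0) {
        $update = true;
        $user->ID = $user_id;
        $userdata = get_userdata($user_id);
        $user->user_login = $wpdb->escape($userdata->user_login);
    } else {
        $update = false;
        $user->user_login = '';
    }

    if (isset($_POST['user_login'])) {
        $user->user_login = wp_specialchars(trim($_POST['user_login']));
    }

    $pass1 = $pass2 = '';
    if (isset($_POST['pass1'])) {
        $pass1 = $_POST['pass1'];
    }
    if (isset($_POST['pass2'])) {
        $pass2 = $_POST['pass2'];
    }

    if (isset($_POST['role']) && current_user_can('edit_users')) {
        $role = $_POST['role'];

        // When editing their own account, a user may only pick a role that
        // still carries 'edit_users'. Look the role up defensively: an
        // unknown role name used to cause a call on a missing object.
        // NOTE(review): for other accounts the submitted role name is
        // stored without checking that such a role exists - confirm that
        // wp_insert_user()/wp_update_user() validate it.
        if (
            $user_id != $current_user->id
            || (is_string($role)
                && isset($wp_roles->role_objects[$role])
                && $wp_roles->role_objects[$role]->has_cap('edit_users'))
        ) {
            $user->role = $role;
        }
    }

    if (isset($_POST['email'])) {
        $user->user_email = wp_specialchars(trim($_POST['email']));
    }

    if (isset($_POST['url'])) {
        $user->user_url = wp_specialchars(trim($_POST['url']));
        // Anything without one of the listed schemes is treated as a bare
        // host and prefixed with http://.
        if (!preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $user->user_url)) {
            $user->user_url = 'http://'.$user->user_url;
        }
    }

    // Remaining profile fields share one treatment and keep the request
    // field's own name on the user object.
    $plain_fields = array(
        'first_name', 'last_name', 'nickname', 'display_name',
        'description', 'jabber', 'aim', 'yim',
    );
    foreach ($plain_fields as $field) {
        if (isset($_POST[$field])) {
            $user->$field = wp_specialchars(trim($_POST[$field]));
        }
    }

    $errors = array();

    /* checking that username has been typed */
    if ($user->user_login == '') {
        $errors['user_login'] = __('<strong>ERROR</strong>: Please enter a username.');
    }

    /* checking the password has been typed twice */
    do_action('check_passwords', array ($user->user_login, & $pass1, & $pass2));

    if (!$update) {
        if ($pass1 == '' || $pass2 == '') {
            $errors['pass'] = __('<strong>ERROR</strong>: Please enter your password twice.');
        }
    } else {
        if ((empty($pass1) && !empty($pass2)) || (empty($pass2) && !empty($pass1))) {
            $errors['pass'] = __("<strong>ERROR</strong>: you typed your new password only once.");
        }
    }

    /* Check for "\" in password */
    if (false !== strpos($pass1, "\\")) {
        $errors['pass'] = __('<strong>ERROR</strong>: Passwords may not contain the character "\\".');
    }

    /* checking the password has been typed twice the same */
    // Strict comparison: with the loose operator two different numeric-looking
    // strings can compare equal, so a mistyped confirmation would be accepted.
    if ($pass1 !== $pass2) {
        $errors['pass'] = __('<strong>ERROR</strong>: Please type the same password in the two password fields.');
    }

    if (!empty($pass1)) {
        $user->user_pass = $pass1;
    }

    if (!validate_username($user->user_login)) {
        $errors['user_login'] = __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.');
    }

    if (!$update && username_exists($user->user_login)) {
        $errors['user_login'] = __('<strong>ERROR</strong>: This username is already registered, please choose another one.');
    }

    /* checking e-mail address */
    if (empty($user->user_email)) {
        $errors['user_email'] = __("<strong>ERROR</strong>: please type an e-mail address");
    } else if (!is_email($user->user_email)) {
        $errors['user_email'] = __("<strong>ERROR</strong>: the email address isn't correct");
    }

    if (count($errors) != 0) {
        return $errors;
    }

    if ($update) {
        $user_id = wp_update_user(get_object_vars($user));
    } else {
        $user_id = wp_insert_user(get_object_vars($user));
        wp_new_user_notification($user_id);
    }

    return $errors;
}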
/**
 * Get an existing link and escape its fields for the edit form.
 *
 * Every text field is passed through wp_specialchars() so stored values
 * cannot inject markup into the form.
 *
 * @param mixed $link_id ID of the link to load.
 * @return object The link object with its fields escaped.
 */
function get_link_to_edit($link_id) {
    $link = get_link($link_id);

    // URL and name get the extra second argument; presumably it also
    // converts quotes because these values sit inside attributes - confirm.
    foreach (array('link_url', 'link_name') as $field) {
        $link->$field = wp_specialchars($link->$field, 1);
    }

    foreach (array('link_description', 'link_notes', 'link_rss') as $field) {
        $link->$field = wp_specialchars($link->$field);
    }

    return $link;
}