PageRenderTime 52ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 0ms

/APP/wp-admin/includes/post.php

https://bitbucket.org/AFelipeTrujillo/goblog
PHP | 1659 lines | 957 code | 268 blank | 434 comment | 337 complexity | 8e2d522e701c275eb8f291c822143072 MD5 | raw file
Possible License(s): GPL-2.0, LGPL-2.1

Large files files are truncated, but you can click here to view the full file

    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * WordPress Post Administration API.
    4. 

  4.  *
    5. 

  5.  * @package WordPress
    6. 

  6.  * @subpackage Administration
    7. 

  7.  */
    8. 

  8. 

  9. /**
    10. 

  10.  * Rename $_POST data from form names to DB post columns.
    11. 

  11.  *
    12. 

  12.  * Manipulates $_POST directly.
    13. 

  13.  *
    14. 

  14.  * @package WordPress
    15. 

  15.  * @since 2.6.0
    16. 

  16.  *
    17. 

  17.  * @param bool $update Are we updating a pre-existing post?
    18. 

  18.  * @param array $post_data Array of post data. Defaults to the contents of $_POST.
    19. 

  19.  * @return object|bool WP_Error on failure, true on success.
    20. 

  20.  */
    21. 

  21. function _wp_translate_postdata( $update = false, $post_data = null ) {
    22. 

  22. 

  23. 	if ( empty($post_data) )
    24. 

  24. 		$post_data = &$_POST;
    25. 

  25. 

  26. 	if ( $update )
    27. 

  27. 		$post_data['ID'] = (int) $post_data['post_ID'];
    28. 

  28. 

  29. 	$ptype = get_post_type_object( $post_data['post_type'] );
    30. 

  30. 

  31. 	if ( $update && ! current_user_can( 'edit_post', $post_data['ID'] ) ) {
    32. 

  32. 		if ( 'page' == $post_data['post_type'] )
    33. 

  33. 			return new WP_Error( 'edit_others_pages', __( 'You are not allowed to edit pages as this user.' ) );
    34. 

  34. 		else
    35. 

  35. 			return new WP_Error( 'edit_others_posts', __( 'You are not allowed to edit posts as this user.' ) );
    36. 

  36. 	} elseif ( ! $update && ! current_user_can( $ptype->cap->create_posts ) ) {
    37. 

  37. 		if ( 'page' == $post_data['post_type'] )
    38. 

  38. 			return new WP_Error( 'edit_others_pages', __( 'You are not allowed to create pages as this user.' ) );
    39. 

  39. 		else
    40. 

  40. 			return new WP_Error( 'edit_others_posts', __( 'You are not allowed to create posts as this user.' ) );
    41. 

  41. 	}
    42. 

  42. 

  43. 	if ( isset( $post_data['content'] ) )
    44. 

  44. 		$post_data['post_content'] = $post_data['content'];
    45. 

  45. 

  46. 	if ( isset( $post_data['excerpt'] ) )
    47. 

  47. 		$post_data['post_excerpt'] = $post_data['excerpt'];
    48. 

  48. 

  49. 	if ( isset( $post_data['parent_id'] ) )
    50. 

  50. 		$post_data['post_parent'] = (int) $post_data['parent_id'];
    51. 

  51. 

  52. 	if ( isset($post_data['trackback_url']) )
    53. 

  53. 		$post_data['to_ping'] = $post_data['trackback_url'];
    54. 

  54. 

  55. 	$post_data['user_ID'] = get_current_user_id();
    56. 

  56. 

  57. 	if (!empty ( $post_data['post_author_override'] ) ) {
    58. 

  58. 		$post_data['post_author'] = (int) $post_data['post_author_override'];
    59. 

  59. 	} else {
    60. 

  60. 		if (!empty ( $post_data['post_author'] ) ) {
    61. 

  61. 			$post_data['post_author'] = (int) $post_data['post_author'];
    62. 

  62. 		} else {
    63. 

  63. 			$post_data['post_author'] = (int) $post_data['user_ID'];
    64. 

  64. 		}
    65. 

  65. 	}
    66. 

  66. 

  67. 	if ( isset( $post_data['user_ID'] ) && ( $post_data['post_author'] != $post_data['user_ID'] )
    68. 

  68. 		 && ! current_user_can( $ptype->cap->edit_others_posts ) ) {
    69. 

  69. 		if ( $update ) {
    70. 

  70. 			if ( 'page' == $post_data['post_type'] )
    71. 

  71. 				return new WP_Error( 'edit_others_pages', __( 'You are not allowed to edit pages as this user.' ) );
    72. 

  72. 			else
    73. 

  73. 				return new WP_Error( 'edit_others_posts', __( 'You are not allowed to edit posts as this user.' ) );
    74. 

  74. 		} else {
    75. 

  75. 			if ( 'page' == $post_data['post_type'] )
    76. 

  76. 				return new WP_Error( 'edit_others_pages', __( 'You are not allowed to create pages as this user.' ) );
    77. 

  77. 			else
    78. 

  78. 				return new WP_Error( 'edit_others_posts', __( 'You are not allowed to create posts as this user.' ) );
    79. 

  79. 		}
    80. 

  80. 	}
    81. 

  81. 

  82. 	if ( ! empty( $post_data['post_status'] ) ) {
    83. 

  83. 		$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
    84. 

  84. 

  85. 		// No longer an auto-draft
    86. 

  86. 		if ( 'auto-draft' === $post_data['post_status'] ) {
    87. 

  87. 			$post_data['post_status'] = 'draft';
    88. 

  88. 		}
    89. 

  89. 

  90. 		if ( ! get_post_status_object( $post_data['post_status'] ) ) {
    91. 

  91. 			unset( $post_data['post_status'] );
    92. 

  92. 		}
    93. 

  93. 	}
    94. 

  94. 

  95. 	// What to do based on which button they pressed
    96. 

  96. 	if ( isset($post_data['saveasdraft']) && '' != $post_data['saveasdraft'] )
    97. 

  97. 		$post_data['post_status'] = 'draft';
    98. 

  98. 	if ( isset($post_data['saveasprivate']) && '' != $post_data['saveasprivate'] )
    99. 

  99. 		$post_data['post_status'] = 'private';
    100. 

  100. 	if ( isset($post_data['publish']) && ( '' != $post_data['publish'] ) && ( !isset($post_data['post_status']) || $post_data['post_status'] != 'private' ) )
    101. 

  101. 		$post_data['post_status'] = 'publish';
    102. 

  102. 	if ( isset($post_data['advanced']) && '' != $post_data['advanced'] )
    103. 

  103. 		$post_data['post_status'] = 'draft';
    104. 

  104. 	if ( isset($post_data['pending']) && '' != $post_data['pending'] )
    105. 

  105. 		$post_data['post_status'] = 'pending';
    106. 

  106. 

  107. 	if ( isset( $post_data['ID'] ) )
    108. 

  108. 		$post_id = $post_data['ID'];
    109. 

  109. 	else
    110. 

  110. 		$post_id = false;
    111. 

  111. 	$previous_status = $post_id ? get_post_field( 'post_status', $post_id ) : false;
    112. 

  112. 

  113. 	if ( isset( $post_data['post_status'] ) && 'private' == $post_data['post_status'] && ! current_user_can( $ptype->cap->publish_posts ) ) {
    114. 

  114. 		$post_data['post_status'] = $previous_status ? $previous_status : 'pending';
    115. 

  115. 	}
    116. 

  116. 

  117. 	$published_statuses = array( 'publish', 'future' );
    118. 

  118. 

  119. 	// Posts 'submitted for approval' present are submitted to $_POST the same as if they were being published.
    120. 

  120. 	// Change status from 'publish' to 'pending' if user lacks permissions to publish or to resave published posts.
    121. 

  121. 	if ( isset($post_data['post_status']) && (in_array( $post_data['post_status'], $published_statuses ) && !current_user_can( $ptype->cap->publish_posts )) )
    122. 

  122. 		if ( ! in_array( $previous_status, $published_statuses ) || !current_user_can( 'edit_post', $post_id ) )
    123. 

  123. 			$post_data['post_status'] = 'pending';
    124. 

  124. 

  125. 	if ( ! isset( $post_data['post_status'] ) ) {
    126. 

  126. 		$post_data['post_status'] = 'auto-draft' === $previous_status ? 'draft' : $previous_status;
    127. 

  127. 	}
    128. 

  128. 

  129. 	if ( isset( $post_data['post_password'] ) && ! current_user_can( $ptype->cap->publish_posts ) ) {
    130. 

  130. 		unset( $post_data['post_password'] );
    131. 

  131. 	}
    132. 

  132. 

  133. 	if (!isset( $post_data['comment_status'] ))
    134. 

  134. 		$post_data['comment_status'] = 'closed';
    135. 

  135. 

  136. 	if (!isset( $post_data['ping_status'] ))
    137. 

  137. 		$post_data['ping_status'] = 'closed';
    138. 

  138. 

  139. 	foreach ( array('aa', 'mm', 'jj', 'hh', 'mn') as $timeunit ) {
    140. 

  140. 		if ( !empty( $post_data['hidden_' . $timeunit] ) && $post_data['hidden_' . $timeunit] != $post_data[$timeunit] ) {
    141. 

  141. 			$post_data['edit_date'] = '1';
    142. 

  142. 			break;
    143. 

  143. 		}
    144. 

  144. 	}
    145. 

  145. 

  146. 	if ( !empty( $post_data['edit_date'] ) ) {
    147. 

  147. 		$aa = $post_data['aa'];
    148. 

  148. 		$mm = $post_data['mm'];
    149. 

  149. 		$jj = $post_data['jj'];
    150. 

  150. 		$hh = $post_data['hh'];
    151. 

  151. 		$mn = $post_data['mn'];
    152. 

  152. 		$ss = $post_data['ss'];
    153. 

  153. 		$aa = ($aa <= 0 ) ? date('Y') : $aa;
    154. 

  154. 		$mm = ($mm <= 0 ) ? date('n') : $mm;
    155. 

  155. 		$jj = ($jj > 31 ) ? 31 : $jj;
    156. 

  156. 		$jj = ($jj <= 0 ) ? date('j') : $jj;
    157. 

  157. 		$hh = ($hh > 23 ) ? $hh -24 : $hh;
    158. 

  158. 		$mn = ($mn > 59 ) ? $mn -60 : $mn;
    159. 

  159. 		$ss = ($ss > 59 ) ? $ss -60 : $ss;
    160. 

  160. 		$post_data['post_date'] = sprintf( "%04d-%02d-%02d %02d:%02d:%02d", $aa, $mm, $jj, $hh, $mn, $ss );
    161. 

  161. 		$valid_date = wp_checkdate( $mm, $jj, $aa, $post_data['post_date'] );
    162. 

  162. 		if ( !$valid_date ) {
    163. 

  163. 			return new WP_Error( 'invalid_date', __( 'Whoops, the provided date is invalid.' ) );
    164. 

  164. 		}
    165. 

  165. 		$post_data['post_date_gmt'] = get_gmt_from_date( $post_data['post_date'] );
    166. 

  166. 	}
    167. 

  167. 

  168. 	return $post_data;
    169. 

  169. }
    170. 

  170. 

  171. /**
    172. 

  172.  * Update an existing post with values provided in $_POST.
    173. 

  173.  *
    174. 

  174.  * @since 1.5.0
    175. 

  175.  *
    176. 

  176.  * @param array $post_data Optional.
    177. 

  177.  * @return int Post ID.
    178. 

  178.  */
    179. 

  179. function edit_post( $post_data = null ) {
    180. 

  180. 

  181. 	if ( empty($post_data) )
    182. 

  182. 		$post_data = &$_POST;
    183. 

  183. 

  184. 	// Clear out any data in internal vars.
    185. 

  185. 	unset( $post_data['filter'] );
    186. 

  186. 

  187. 	$post_ID = (int) $post_data['post_ID'];
    188. 

  188. 	$post = get_post( $post_ID );
    189. 

  189. 	$post_data['post_type'] = $post->post_type;
    190. 

  190. 	$post_data['post_mime_type'] = $post->post_mime_type;
    191. 

  191. 

  192. 	if ( ! empty( $post_data['post_status'] ) ) {
    193. 

  193. 		$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
    194. 

  194. 

  195. 		if ( 'inherit' == $post_data['post_status'] ) {
    196. 

  196. 			unset( $post_data['post_status'] );
    197. 

  197. 		}
    198. 

  198. 	}
    199. 

  199. 

  200. 	$ptype = get_post_type_object($post_data['post_type']);
    201. 

  201. 	if ( !current_user_can( 'edit_post', $post_ID ) ) {
    202. 

  202. 		if ( 'page' == $post_data['post_type'] )
    203. 

  203. 			wp_die( __('You are not allowed to edit this page.' ));
    204. 

  204. 		else
    205. 

  205. 			wp_die( __('You are not allowed to edit this post.' ));
    206. 

  206. 	}
    207. 

  207. 

  208. 	if ( post_type_supports( $ptype->name, 'revisions' ) ) {
    209. 

  209. 		$revisions = wp_get_post_revisions( $post_ID, array( 'order' => 'ASC', 'posts_per_page' => 1 ) );
    210. 

  210. 		$revision = current( $revisions );
    211. 

  211. 

  212. 		// Check if the revisions have been upgraded
    213. 

  213. 		if ( $revisions && _wp_get_post_revision_version( $revision ) < 1 )
    214. 

  214. 			_wp_upgrade_revisions_of_post( $post, wp_get_post_revisions( $post_ID ) );
    215. 

  215. 	}
    216. 

  216. 

  217. 	if ( isset($post_data['visibility']) ) {
    218. 

  218. 		switch ( $post_data['visibility'] ) {
    219. 

  219. 			case 'public' :
    220. 

  220. 				$post_data['post_password'] = '';
    221. 

  221. 				break;
    222. 

  222. 			case 'password' :
    223. 

  223. 				unset( $post_data['sticky'] );
    224. 

  224. 				break;
    225. 

  225. 			case 'private' :
    226. 

  226. 				$post_data['post_status'] = 'private';
    227. 

  227. 				$post_data['post_password'] = '';
    228. 

  228. 				unset( $post_data['sticky'] );
    229. 

  229. 				break;
    230. 

  230. 		}
    231. 

  231. 	}
    232. 

  232. 

  233. 	$post_data = _wp_translate_postdata( true, $post_data );
    234. 

  234. 	if ( is_wp_error($post_data) )
    235. 

  235. 		wp_die( $post_data->get_error_message() );
    236. 

  236. 

  237. 	// Post Formats
    238. 

  238. 	if ( isset( $post_data['post_format'] ) )
    239. 

  239. 		set_post_format( $post_ID, $post_data['post_format'] );
    240. 

  240. 

  241. 	$format_meta_urls = array( 'url', 'link_url', 'quote_source_url' );
    242. 

  242. 	foreach ( $format_meta_urls as $format_meta_url ) {
    243. 

  243. 		$keyed = '_format_' . $format_meta_url;
    244. 

  244. 		if ( isset( $post_data[ $keyed ] ) )
    245. 

  245. 			update_post_meta( $post_ID, $keyed, wp_slash( esc_url_raw( wp_unslash( $post_data[ $keyed ] ) ) ) );
    246. 

  246. 	}
    247. 

  247. 

  248. 	$format_keys = array( 'quote', 'quote_source_name', 'image', 'gallery', 'audio_embed', 'video_embed' );
    249. 

  249. 

  250. 	foreach ( $format_keys as $key ) {
    251. 

  251. 		$keyed = '_format_' . $key;
    252. 

  252. 		if ( isset( $post_data[ $keyed ] ) ) {
    253. 

  253. 			if ( current_user_can( 'unfiltered_html' ) )
    254. 

  254. 				update_post_meta( $post_ID, $keyed, $post_data[ $keyed ] );
    255. 

  255. 			else
    256. 

  256. 				update_post_meta( $post_ID, $keyed, wp_filter_post_kses( $post_data[ $keyed ] ) );
    257. 

  257. 		}
    258. 

  258. 	}
    259. 

  259. 

  260. 	if ( 'attachment' === $post_data['post_type'] && preg_match( '#^(audio|video)/#', $post_data['post_mime_type'] ) ) {
    261. 

  261. 		$id3data = wp_get_attachment_metadata( $post_ID );
    262. 

  262. 		if ( ! is_array( $id3data ) ) {
    263. 

  263. 			$id3data = array();
    264. 

  264. 		}
    265. 

  265. 

  266. 		foreach ( wp_get_attachment_id3_keys( $post, 'edit' ) as $key => $label ) {
    267. 

  267. 			if ( isset( $post_data[ 'id3_' . $key ] ) ) {
    268. 

  268. 				$id3data[ $key ] = sanitize_text_field( wp_unslash( $post_data[ 'id3_' . $key ] ) );
    269. 

  269. 			}
    270. 

  270. 		}
    271. 

  271. 		wp_update_attachment_metadata( $post_ID, $id3data );
    272. 

  272. 	}
    273. 

  273. 

  274. 	// Meta Stuff
    275. 

  275. 	if ( isset($post_data['meta']) && $post_data['meta'] ) {
    276. 

  276. 		foreach ( $post_data['meta'] as $key => $value ) {
    277. 

  277. 			if ( !$meta = get_post_meta_by_id( $key ) )
    278. 

  278. 				continue;
    279. 

  279. 			if ( $meta->post_id != $post_ID )
    280. 

  280. 				continue;
    281. 

  281. 			if ( is_protected_meta( $value['key'], 'post' ) || ! current_user_can( 'edit_post_meta', $post_ID, $value['key'] ) )
    282. 

  282. 				continue;
    283. 

  283. 			update_meta( $key, $value['key'], $value['value'] );
    284. 

  284. 		}
    285. 

  285. 	}
    286. 

  286. 

  287. 	if ( isset($post_data['deletemeta']) && $post_data['deletemeta'] ) {
    288. 

  288. 		foreach ( $post_data['deletemeta'] as $key => $value ) {
    289. 

  289. 			if ( !$meta = get_post_meta_by_id( $key ) )
    290. 

  290. 				continue;
    291. 

  291. 			if ( $meta->post_id != $post_ID )
    292. 

  292. 				continue;
    293. 

  293. 			if ( is_protected_meta( $meta->meta_key, 'post' ) || ! current_user_can( 'delete_post_meta', $post_ID, $meta->meta_key ) )
    294. 

  294. 				continue;
    295. 

  295. 			delete_meta( $key );
    296. 

  296. 		}
    297. 

  297. 	}
    298. 

  298. 

  299. 	// Attachment stuff
    300. 

  300. 	if ( 'attachment' == $post_data['post_type'] ) {
    301. 

  301. 		if ( isset( $post_data[ '_wp_attachment_image_alt' ] ) ) {
    302. 

  302. 			$image_alt = wp_unslash( $post_data['_wp_attachment_image_alt'] );
    303. 

  303. 			if ( $image_alt != get_post_meta( $post_ID, '_wp_attachment_image_alt', true ) ) {
    304. 

  304. 				$image_alt = wp_strip_all_tags( $image_alt, true );
    305. 

  305. 				// update_meta expects slashed
    306. 

  306. 				update_post_meta( $post_ID, '_wp_attachment_image_alt', wp_slash( $image_alt ) );
    307. 

  307. 			}
    308. 

  308. 		}
    309. 

  309. 

  310. 		$attachment_data = isset( $post_data['attachments'][ $post_ID ] ) ? $post_data['attachments'][ $post_ID ] : array();
    311. 

  311. 

  312. 		/** This filter is documented in wp-admin/includes/media.php */
    313. 

  313. 		$post_data = apply_filters( 'attachment_fields_to_save', $post_data, $attachment_data );
    314. 

  314. 	}
    315. 

  315. 

  316. 	add_meta( $post_ID );
    317. 

  317. 

  318. 	update_post_meta( $post_ID, '_edit_last', get_current_user_id() );
    319. 

  319. 

  320. 	wp_update_post( $post_data );
    321. 

  321. 

  322. 	// Now that we have an ID we can fix any attachment anchor hrefs
    323. 

  323. 	_fix_attachment_links( $post_ID );
    324. 

  324. 

  325. 	wp_set_post_lock( $post_ID );
    326. 

  326. 

  327. 	if ( current_user_can( $ptype->cap->edit_others_posts ) ) {
    328. 

  328. 		if ( ! empty( $post_data['sticky'] ) )
    329. 

  329. 			stick_post( $post_ID );
    330. 

  330. 		else
    331. 

  331. 			unstick_post( $post_ID );
    332. 

  332. 	}
    333. 

  333. 

  334. 	return $post_ID;
    335. 

  335. }
    336. 

  336. 

  337. /**
    338. 

  338.  * Process the post data for the bulk editing of posts.
    339. 

  339.  *
    340. 

  340.  * Updates all bulk edited posts/pages, adding (but not removing) tags and
    341. 

  341.  * categories. Skips pages when they would be their own parent or child.
    342. 

  342.  *
    343. 

  343.  * @since 2.7.0
    344. 

  344.  *
    345. 

  345.  * @param array $post_data Optional, the array of post data to process if not provided will use $_POST superglobal.
    346. 

  346.  * @return array
    347. 

  347.  */
    348. 

  348. function bulk_edit_posts( $post_data = null ) {
    349. 

  349. 	global $wpdb;
    350. 

  350. 

  351. 	if ( empty($post_data) )
    352. 

  352. 		$post_data = &$_POST;
    353. 

  353. 

  354. 	if ( isset($post_data['post_type']) )
    355. 

  355. 		$ptype = get_post_type_object($post_data['post_type']);
    356. 

  356. 	else
    357. 

  357. 		$ptype = get_post_type_object('post');
    358. 

  358. 

  359. 	if ( !current_user_can( $ptype->cap->edit_posts ) ) {
    360. 

  360. 		if ( 'page' == $ptype->name )
    361. 

  361. 			wp_die( __('You are not allowed to edit pages.'));
    362. 

  362. 		else
    363. 

  363. 			wp_die( __('You are not allowed to edit posts.'));
    364. 

  364. 	}
    365. 

  365. 

  366. 	if ( -1 == $post_data['_status'] ) {
    367. 

  367. 		$post_data['post_status'] = null;
    368. 

  368. 		unset($post_data['post_status']);
    369. 

  369. 	} else {
    370. 

  370. 		$post_data['post_status'] = $post_data['_status'];
    371. 

  371. 	}
    372. 

  372. 	unset($post_data['_status']);
    373. 

  373. 

  374. 	if ( ! empty( $post_data['post_status'] ) ) {
    375. 

  375. 		$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
    376. 

  376. 

  377. 		if ( 'inherit' == $post_data['post_status'] ) {
    378. 

  378. 			unset( $post_data['post_status'] );
    379. 

  379. 		}
    380. 

  380. 	}
    381. 

  381. 

  382. 	$post_IDs = array_map( 'intval', (array) $post_data['post'] );
    383. 

  383. 

  384. 	$reset = array(
    385. 

  385. 		'post_author', 'post_status', 'post_password',
    386. 

  386. 		'post_parent', 'page_template', 'comment_status',
    387. 

  387. 		'ping_status', 'keep_private', 'tax_input',
    388. 

  388. 		'post_category', 'sticky', 'post_format',
    389. 

  389. 	);
    390. 

  390. 

  391. 	foreach ( $reset as $field ) {
    392. 

  392. 		if ( isset($post_data[$field]) && ( '' == $post_data[$field] || -1 == $post_data[$field] ) )
    393. 

  393. 			unset($post_data[$field]);
    394. 

  394. 	}
    395. 

  395. 

  396. 	if ( isset($post_data['post_category']) ) {
    397. 

  397. 		if ( is_array($post_data['post_category']) && ! empty($post_data['post_category']) )
    398. 

  398. 			$new_cats = array_map( 'absint', $post_data['post_category'] );
    399. 

  399. 		else
    400. 

  400. 			unset($post_data['post_category']);
    401. 

  401. 	}
    402. 

  402. 

  403. 	$tax_input = array();
    404. 

  404. 	if ( isset($post_data['tax_input'])) {
    405. 

  405. 		foreach ( $post_data['tax_input'] as $tax_name => $terms ) {
    406. 

  406. 			if ( empty($terms) )
    407. 

  407. 				continue;
    408. 

  408. 			if ( is_taxonomy_hierarchical( $tax_name ) ) {
    409. 

  409. 				$tax_input[ $tax_name ] = array_map( 'absint', $terms );
    410. 

  410. 			} else {
    411. 

  411. 				$comma = _x( ',', 'tag delimiter' );
    412. 

  412. 				if ( ',' !== $comma )
    413. 

  413. 					$terms = str_replace( $comma, ',', $terms );
    414. 

  414. 				$tax_input[ $tax_name ] = explode( ',', trim( $terms, " \n\t\r\0\x0B," ) );
    415. 

  415. 			}
    416. 

  416. 		}
    417. 

  417. 	}
    418. 

  418. 

  419. 	if ( isset($post_data['post_parent']) && ($parent = (int) $post_data['post_parent']) ) {
    420. 

  420. 		$pages = $wpdb->get_results("SELECT ID, post_parent FROM $wpdb->posts WHERE post_type = 'page'");
    421. 

  421. 		$children = array();
    422. 

  422. 

  423. 		for ( $i = 0; $i < 50 && $parent > 0; $i++ ) {
    424. 

  424. 			$children[] = $parent;
    425. 

  425. 

  426. 			foreach ( $pages as $page ) {
    427. 

  427. 				if ( $page->ID == $parent ) {
    428. 

  428. 					$parent = $page->post_parent;
    429. 

  429. 					break;
    430. 

  430. 				}
    431. 

  431. 			}
    432. 

  432. 		}
    433. 

  433. 	}
    434. 

  434. 

  435. 	$updated = $skipped = $locked = array();
    436. 

  436. 	$shared_post_data = $post_data;
    437. 

  437. 

  438. 	foreach ( $post_IDs as $post_ID ) {
    439. 

  439. 		// Start with fresh post data with each iteration.
    440. 

  440. 		$post_data = $shared_post_data;
    441. 

  441. 

  442. 		$post_type_object = get_post_type_object( get_post_type( $post_ID ) );
    443. 

  443. 

  444. 		if ( !isset( $post_type_object ) || ( isset($children) && in_array($post_ID, $children) ) || !current_user_can( 'edit_post', $post_ID ) ) {
    445. 

  445. 			$skipped[] = $post_ID;
    446. 

  446. 			continue;
    447. 

  447. 		}
    448. 

  448. 

  449. 		if ( wp_check_post_lock( $post_ID ) ) {
    450. 

  450. 			$locked[] = $post_ID;
    451. 

  451. 			continue;
    452. 

  452. 		}
    453. 

  453. 

  454. 		$post = get_post( $post_ID );
    455. 

  455. 		$tax_names = get_object_taxonomies( $post );
    456. 

  456. 		foreach ( $tax_names as $tax_name ) {
    457. 

  457. 			$taxonomy_obj = get_taxonomy($tax_name);
    458. 

  458. 			if ( isset( $tax_input[$tax_name]) && current_user_can( $taxonomy_obj->cap->assign_terms ) )
    459. 

  459. 				$new_terms = $tax_input[$tax_name];
    460. 

  460. 			else
    461. 

  461. 				$new_terms = array();
    462. 

  462. 

  463. 			if ( $taxonomy_obj->hierarchical )
    464. 

  464. 				$current_terms = (array) wp_get_object_terms( $post_ID, $tax_name, array('fields' => 'ids') );
    465. 

  465. 			else
    466. 

  466. 				$current_terms = (array) wp_get_object_terms( $post_ID, $tax_name, array('fields' => 'names') );
    467. 

  467. 

  468. 			$post_data['tax_input'][$tax_name] = array_merge( $current_terms, $new_terms );
    469. 

  469. 		}
    470. 

  470. 

  471. 		if ( isset($new_cats) && in_array( 'category', $tax_names ) ) {
    472. 

  472. 			$cats = (array) wp_get_post_categories($post_ID);
    473. 

  473. 			$post_data['post_category'] = array_unique( array_merge($cats, $new_cats) );
    474. 

  474. 			unset( $post_data['tax_input']['category'] );
    475. 

  475. 		}
    476. 

  476. 

  477. 		$post_data['post_type'] = $post->post_type;
    478. 

  478. 		$post_data['post_mime_type'] = $post->post_mime_type;
    479. 

  479. 		$post_data['guid'] = $post->guid;
    480. 

  480. 

  481. 		foreach ( array( 'comment_status', 'ping_status', 'post_author' ) as $field ) {
    482. 

  482. 			if ( ! isset( $post_data[ $field ] ) ) {
    483. 

  483. 				$post_data[ $field ] = $post->$field;
    484. 

  484. 			}
    485. 

  485. 		}
    486. 

  486. 

  487. 		$post_data['ID'] = $post_ID;
    488. 

  488. 		$post_data['post_ID'] = $post_ID;
    489. 

  489. 

  490. 		$post_data = _wp_translate_postdata( true, $post_data );
    491. 

  491. 		if ( is_wp_error( $post_data ) ) {
    492. 

  492. 			$skipped[] = $post_ID;
    493. 

  493. 			continue;
    494. 

  494. 		}
    495. 

  495. 

  496. 		$updated[] = wp_update_post( $post_data );
    497. 

  497. 

  498. 		if ( isset( $post_data['sticky'] ) && current_user_can( $ptype->cap->edit_others_posts ) ) {
    499. 

  499. 			if ( 'sticky' == $post_data['sticky'] )
    500. 

  500. 				stick_post( $post_ID );
    501. 

  501. 			else
    502. 

  502. 				unstick_post( $post_ID );
    503. 

  503. 		}
    504. 

  504. 

  505. 		if ( isset( $post_data['post_format'] ) )
    506. 

  506. 			set_post_format( $post_ID, $post_data['post_format'] );
    507. 

  507. 	}
    508. 

  508. 

  509. 	return array( 'updated' => $updated, 'skipped' => $skipped, 'locked' => $locked );
    510. 

  510. }
    511. 

  511. 

  512. /**
    513. 

  513.  * Default post information to use when populating the "Write Post" form.
    514. 

  514.  *
    515. 

  515.  * @since 2.0.0
    516. 

  516.  *
    517. 

  517.  * @param string $post_type A post type string, defaults to 'post'.
    518. 

  518.  * @return WP_Post Post object containing all the default post data as attributes
    519. 

  519.  */
    520. 

  520. function get_default_post_to_edit( $post_type = 'post', $create_in_db = false ) {
    521. 

  521. 	global $wpdb;
    522. 

  522. 

  523. 	$post_title = '';
    524. 

  524. 	if ( !empty( $_REQUEST['post_title'] ) )
    525. 

  525. 		$post_title = esc_html( wp_unslash( $_REQUEST['post_title'] ));
    526. 

  526. 

  527. 	$post_content = '';
    528. 

  528. 	if ( !empty( $_REQUEST['content'] ) )
    529. 

  529. 		$post_content = esc_html( wp_unslash( $_REQUEST['content'] ));
    530. 

  530. 

  531. 	$post_excerpt = '';
    532. 

  532. 	if ( !empty( $_REQUEST['excerpt'] ) )
    533. 

  533. 		$post_excerpt = esc_html( wp_unslash( $_REQUEST['excerpt'] ));
    534. 

  534. 

  535. 	if ( $create_in_db ) {
    536. 

  536. 		$post_id = wp_insert_post( array( 'post_title' => __( 'Auto Draft' ), 'post_type' => $post_type, 'post_status' => 'auto-draft' ) );
    537. 

  537. 		$post = get_post( $post_id );
    538. 

  538. 		if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post->post_type, 'post-formats' ) && get_option( 'default_post_format' ) )
    539. 

  539. 			set_post_format( $post, get_option( 'default_post_format' ) );
    540. 

  540. 	} else {
    541. 

  541. 		$post = new stdClass;
    542. 

  542. 		$post->ID = 0;
    543. 

  543. 		$post->post_author = '';
    544. 

  544. 		$post->post_date = '';
    545. 

  545. 		$post->post_date_gmt = '';
    546. 

  546. 		$post->post_password = '';
    547. 

  547. 		$post->post_type = $post_type;
    548. 

  548. 		$post->post_status = 'draft';
    549. 

  549. 		$post->to_ping = '';
    550. 

  550. 		$post->pinged = '';
    551. 

  551. 		$post->comment_status = get_option( 'default_comment_status' );
    552. 

  552. 		$post->ping_status = get_option( 'default_ping_status' );
    553. 

  553. 		$post->post_pingback = get_option( 'default_pingback_flag' );
    554. 

  554. 		$post->post_category = get_option( 'default_category' );
    555. 

  555. 		$post->page_template = 'default';
    556. 

  556. 		$post->post_parent = 0;
    557. 

  557. 		$post->menu_order = 0;
    558. 

  558. 		$post = new WP_Post( $post );
    559. 

  559. 	}
    560. 

  560. 

  561. 	/**
    562. 

  562. 	 * Filter the default post content initially used in the "Write Post" form.
    563. 

  563. 	 *
    564. 

  564. 	 * @since 1.5.0
    565. 

  565. 	 *
    566. 

  566. 	 * @param string  $post_content Default post content.
    567. 

  567. 	 * @param WP_Post $post         Post object.
    568. 

  568. 	 */
    569. 

  569. 	$post->post_content = apply_filters( 'default_content', $post_content, $post );
    570. 

  570. 

  571. 	/**
    572. 

  572. 	 * Filter the default post title initially used in the "Write Post" form.
    573. 

  573. 	 *
    574. 

  574. 	 * @since 1.5.0
    575. 

  575. 	 *
    576. 

  576. 	 * @param string  $post_title Default post title.
    577. 

  577. 	 * @param WP_Post $post       Post object.
    578. 

  578. 	 */
    579. 

  579. 	$post->post_title = apply_filters( 'default_title', $post_title, $post );
    580. 

  580. 

  581. 	/**
    582. 

  582. 	 * Filter the default post excerpt initially used in the "Write Post" form.
    583. 

  583. 	 *
    584. 

  584. 	 * @since 1.5.0
    585. 

  585. 	 *
    586. 

  586. 	 * @param string  $post_excerpt Default post excerpt.
    587. 

  587. 	 * @param WP_Post $post         Post object.
    588. 

  588. 	 */
    589. 

  589. 	$post->post_excerpt = apply_filters( 'default_excerpt', $post_excerpt, $post );
    590. 

  590. 	$post->post_name = '';
    591. 

  591. 

  592. 	return $post;
    593. 

  593. }
    594. 

  594. 

  595. /**
    596. 

  596.  * Determine if a post exists based on title, content, and date
    597. 

  597.  *
    598. 

  598.  * @since 2.0.0
    599. 

  599.  *
    600. 

  600.  * @param string $title Post title
    601. 

  601.  * @param string $content Optional post content
    602. 

  602.  * @param string $date Optional post date
    603. 

  603.  * @return int Post ID if post exists, 0 otherwise.
    604. 

  604.  */
    605. 

  605. function post_exists($title, $content = '', $date = '') {
    606. 

  606. 	global $wpdb;
    607. 

  607. 

  608. 	$post_title = wp_unslash( sanitize_post_field( 'post_title', $title, 0, 'db' ) );
    609. 

  609. 	$post_content = wp_unslash( sanitize_post_field( 'post_content', $content, 0, 'db' ) );
    610. 

  610. 	$post_date = wp_unslash( sanitize_post_field( 'post_date', $date, 0, 'db' ) );
    611. 

  611. 

  612. 	$query = "SELECT ID FROM $wpdb->posts WHERE 1=1";
    613. 

  613. 	$args = array();
    614. 

  614. 

  615. 	if ( !empty ( $date ) ) {
    616. 

  616. 		$query .= ' AND post_date = %s';
    617. 

  617. 		$args[] = $post_date;
    618. 

  618. 	}
    619. 

  619. 

  620. 	if ( !empty ( $title ) ) {
    621. 

  621. 		$query .= ' AND post_title = %s';
    622. 

  622. 		$args[] = $post_title;
    623. 

  623. 	}
    624. 

  624. 

  625. 	if ( !empty ( $content ) ) {
    626. 

  626. 		$query .= 'AND post_content = %s';
    627. 

  627. 		$args[] = $post_content;
    628. 

  628. 	}
    629. 

  629. 

  630. 	if ( !empty ( $args ) )
    631. 

  631. 		return (int) $wpdb->get_var( $wpdb->prepare($query, $args) );
    632. 

  632. 

  633. 	return 0;
    634. 

  634. }
    635. 

  635. 

  636. /**
    637. 

  637.  * Creates a new post from the "Write Post" form using $_POST information.
    638. 

  638.  *
    639. 

  639.  * @since 2.1.0
    640. 

  640.  *
    641. 

  641.  * @return unknown
    642. 

  642.  */
    643. 

  643. function wp_write_post() {
    644. 

  644. 	if ( isset($_POST['post_type']) )
    645. 

  645. 		$ptype = get_post_type_object($_POST['post_type']);
    646. 

  646. 	else
    647. 

  647. 		$ptype = get_post_type_object('post');
    648. 

  648. 

  649. 	if ( !current_user_can( $ptype->cap->edit_posts ) ) {
    650. 

  650. 		if ( 'page' == $ptype->name )
    651. 

  651. 			return new WP_Error( 'edit_pages', __( 'You are not allowed to create pages on this site.' ) );
    652. 

  652. 		else
    653. 

  653. 			return new WP_Error( 'edit_posts', __( 'You are not allowed to create posts or drafts on this site.' ) );
    654. 

  654. 	}
    655. 

  655. 

  656. 	$_POST['post_mime_type'] = '';
    657. 

  657. 

  658. 	// Clear out any data in internal vars.
    659. 

  659. 	unset( $_POST['filter'] );
    660. 

  660. 

  661. 	// Edit don't write if we have a post id.
    662. 

  662. 	if ( isset( $_POST['post_ID'] ) )
    663. 

  663. 		return edit_post();
    664. 

  664. 

  665. 	if ( isset($_POST['visibility']) ) {
    666. 

  666. 		switch ( $_POST['visibility'] ) {
    667. 

  667. 			case 'public' :
    668. 

  668. 				$_POST['post_password'] = '';
    669. 

  669. 				break;
    670. 

  670. 			case 'password' :
    671. 

  671. 				unset( $_POST['sticky'] );
    672. 

  672. 				break;
    673. 

  673. 			case 'private' :
    674. 

  674. 				$_POST['post_status'] = 'private';
    675. 

  675. 				$_POST['post_password'] = '';
    676. 

  676. 				unset( $_POST['sticky'] );
    677. 

  677. 				break;
    678. 

  678. 		}
    679. 

  679. 	}
    680. 

  680. 

  681. 	$translated = _wp_translate_postdata( false );
    682. 

  682. 	if ( is_wp_error($translated) )
    683. 

  683. 		return $translated;
    684. 

  684. 

  685. 	// Create the post.
    686. 

  686. 	$post_ID = wp_insert_post( $_POST );
    687. 

  687. 	if ( is_wp_error( $post_ID ) )
    688. 

  688. 		return $post_ID;
    689. 

  689. 

  690. 	if ( empty($post_ID) )
    691. 

  691. 		return 0;
    692. 

  692. 

  693. 	add_meta( $post_ID );
    694. 

  694. 

  695. 	add_post_meta( $post_ID, '_edit_last', $GLOBALS['current_user']->ID );
    696. 

  696. 

  697. 	// Now that we have an ID we can fix any attachment anchor hrefs
    698. 

  698. 	_fix_attachment_links( $post_ID );
    699. 

  699. 

  700. 	wp_set_post_lock( $post_ID );
    701. 

  701. 

  702. 	return $post_ID;
    703. 

  703. }
    704. 

  704. 

  705. /**
    706. 

  706.  * Calls wp_write_post() and handles the errors.
    707. 

  707.  *
    708. 

  708.  * @since 2.0.0
    709. 

    710. 

  710.  * @uses wp_write_post()
    711. 

  711.  * @uses is_wp_error()
    712. 

  712.  * @uses wp_die()
    713. 

  713.  * @return unknown
    714. 

  714.  */
    715. 

  715. function write_post() {
    716. 

  716. 	$result = wp_write_post();
    717. 

  717. 	if ( is_wp_error( $result ) )
    718. 

  718. 		wp_die( $result->get_error_message() );
    719. 

  719. 	else
    720. 

  720. 		return $result;
    721. 

  721. }
    722. 

  722. 

  723. //
    724. 

  724. // Post Meta
    725. 

  725. //
    726. 

  726. 

  727. /**
    728. 

  728.  * {@internal Missing Short Description}}
    729. 

  729.  *
    730. 

  730.  * @since 1.2.0
    731. 

  731.  *
    732. 

  732.  * @param unknown_type $post_ID
    733. 

  733.  * @return unknown
    734. 

  734.  */
    735. 

  735. function add_meta( $post_ID ) {
    736. 

  736. 	global $wpdb;
    737. 

  737. 	$post_ID = (int) $post_ID;
    738. 

  738. 

  739. 	$metakeyselect = isset($_POST['metakeyselect']) ? wp_unslash( trim( $_POST['metakeyselect'] ) ) : '';
    740. 

  740. 	$metakeyinput = isset($_POST['metakeyinput']) ? wp_unslash( trim( $_POST['metakeyinput'] ) ) : '';
    741. 

  741. 	$metavalue = isset($_POST['metavalue']) ? $_POST['metavalue'] : '';
    742. 

  742. 	if ( is_string( $metavalue ) )
    743. 

  743. 		$metavalue = trim( $metavalue );
    744. 

  744. 

  745. 	if ( ('0' === $metavalue || ! empty ( $metavalue ) ) && ( ( ( '#NONE#' != $metakeyselect ) && !empty ( $metakeyselect) ) || !empty ( $metakeyinput ) ) ) {
    746. 

  746. 		// We have a key/value pair. If both the select and the
    747. 

  747. 		// input for the key have data, the input takes precedence:
    748. 

  748. 

  749.  		if ( '#NONE#' != $metakeyselect )
    750. 

  750. 			$metakey = $metakeyselect;
    751. 

  751. 

  752. 		if ( $metakeyinput )
    753. 

  753. 			$metakey = $metakeyinput; // default
    754. 

  754. 

  755. 		if ( is_protected_meta( $metakey, 'post' ) || ! current_user_can( 'add_post_meta', $post_ID, $metakey ) )
    756. 

  756. 			return false;
    757. 

  757. 

  758. 		$metakey = wp_slash( $metakey );
    759. 

  759. 

  760. 		return add_post_meta( $post_ID, $metakey, $metavalue );
    761. 

  761. 	}
    762. 

  762. 

  763. 	return false;
    764. 

  764. } // add_meta
    765. 

  765. 

  766. /**
    767. 

  767.  * {@internal Missing Short Description}}
    768. 

  768.  *
    769. 

  769.  * @since 1.2.0
    770. 

  770.  *
    771. 

  771.  * @param unknown_type $mid
    772. 

  772.  * @return unknown
    773. 

  773.  */
    774. 

  774. function delete_meta( $mid ) {
    775. 

  775. 	return delete_metadata_by_mid( 'post' , $mid );
    776. 

  776. }
    777. 

  777. 

  778. /**
    779. 

  779.  * Get a list of previously defined keys.
    780. 

  780.  *
    781. 

  781.  * @since 1.2.0
    782. 

  782.  *
    783. 

  783.  * @return unknown
    784. 

  784.  */
    785. 

  785. function get_meta_keys() {
    786. 

  786. 	global $wpdb;
    787. 

  787. 

  788. 	$keys = $wpdb->get_col( "
    789. 

  789. 			SELECT meta_key
    790. 

  790. 			FROM $wpdb->postmeta
    791. 

  791. 			GROUP BY meta_key
    792. 

  792. 			ORDER BY meta_key" );
    793. 

    794. 

  794. 	return $keys;
    795. 

  795. }
    796. 

  796. 

  797. /**
    798. 

  798.  * {@internal Missing Short Description}}
    799. 

  799.  *
    800. 

  800.  * @since 2.1.0
    801. 

  801.  *
    802. 

  802.  * @param unknown_type $mid
    803. 

  803.  * @return unknown
    804. 

  804.  */
    805. 

  805. function get_post_meta_by_id( $mid ) {
    806. 

  806. 	return get_metadata_by_mid( 'post', $mid );
    807. 

  807. }
    808. 

  808. 

  809. /**
    810. 

  810.  * {@internal Missing Short Description}}
    811. 

  811.  *
    812. 

  812.  * Some postmeta stuff.
    813. 

  813.  *
    814. 

  814.  * @since 1.2.0
    815. 

  815.  *
    816. 

  816.  * @param unknown_type $postid
    817. 

  817.  * @return unknown
    818. 

  818.  */
    819. 

  819. function has_meta( $postid ) {
    820. 

  820. 	global $wpdb;
    821. 

  821. 

  822. 	return $wpdb->get_results( $wpdb->prepare("SELECT meta_key, meta_value, meta_id, post_id
    823. 

  823. 			FROM $wpdb->postmeta WHERE post_id = %d
    824. 

  824. 			ORDER BY meta_key,meta_id", $postid), ARRAY_A );
    825. 

  825. }
    826. 

  826. 

  827. /**
    828. 

  828.  * {@internal Missing Short Description}}
    829. 

  829.  *
    830. 

  830.  * @since 1.2.0
    831. 

  831.  *
    832. 

  832.  * @param unknown_type $meta_id
    833. 

  833.  * @param unknown_type $meta_key Expect Slashed
    834. 

  834.  * @param unknown_type $meta_value Expect Slashed
    835. 

  835.  * @return unknown
    836. 

  836.  */
    837. 

  837. function update_meta( $meta_id, $meta_key, $meta_value ) {
    838. 

  838. 	$meta_key = wp_unslash( $meta_key );
    839. 

  839. 	$meta_value = wp_unslash( $meta_value );
    840. 

  840. 

  841. 	return update_metadata_by_mid( 'post', $meta_id, $meta_value, $meta_key );
    842. 

  842. }
    843. 

  843. 

  844. //
    845. 

  845. // Private
    846. 

  846. //
    847. 

  847. 

  848. /**
    849. 

  849.  * Replace hrefs of attachment anchors with up-to-date permalinks.
    850. 

  850.  *
    851. 

  851.  * @since 2.3.0
    852. 

  852.  * @access private
    853. 

  853.  *
    854. 

  854.  * @param int|object $post Post ID or post object.
    855. 

  855.  * @return void|int|WP_Error Void if nothing fixed. 0 or WP_Error on update failure. The post ID on update success.
    856. 

  856.  */
    857. 

  857. function _fix_attachment_links( $post ) {
    858. 

  858. 	$post = get_post( $post, ARRAY_A );
    859. 

  859. 	$content = $post['post_content'];
    860. 

  860. 

  861. 	// Don't run if no pretty permalinks or post is not published, scheduled, or privately published.
    862. 

  862. 	if ( ! get_option( 'permalink_structure' ) || ! in_array( $post['post_status'], array( 'publish', 'future', 'private' ) ) )
    863. 

  863. 		return;
    864. 

  864. 

  865. 	// Short if there aren't any links or no '?attachment_id=' strings (strpos cannot be zero)
    866. 

  866. 	if ( !strpos($content, '?attachment_id=') || !preg_match_all( '/<a ([^>]+)>[\s\S]+?<\/a>/', $content, $link_matches ) )
    867. 

  867. 		return;
    868. 

  868. 

  869. 	$site_url = get_bloginfo('url');
    870. 

  870. 	$site_url = substr( $site_url, (int) strpos($site_url, '://') ); // remove the http(s)
    871. 

  871. 	$replace = '';
    872. 

  872. 

  873. 	foreach ( $link_matches[1] as $key => $value ) {
    874. 

  874. 		if ( !strpos($value, '?attachment_id=') || !strpos($value, 'wp-att-')
    875. 

  875. 			|| !preg_match( '/href=(["\'])[^"\']*\?attachment_id=(\d+)[^"\']*\\1/', $value, $url_match )
    876. 

  876. 			|| !preg_match( '/rel=["\'][^"\']*wp-att-(\d+)/', $value, $rel_match ) )
    877. 

  877. 				continue;
    878. 

  878. 

  879. 		$quote = $url_match[1]; // the quote (single or double)
    880. 

  880. 		$url_id = (int) $url_match[2];
    881. 

  881. 		$rel_id = (int) $rel_match[1];
    882. 

  882. 

  883. 		if ( !$url_id || !$rel_id || $url_id != $rel_id || strpos($url_match[0], $site_url) === false )
    884. 

  884. 			continue;
    885. 

  885. 

  886. 		$link = $link_matches[0][$key];
    887. 

  887. 		$replace = str_replace( $url_match[0], 'href=' . $quote . get_attachment_link( $url_id ) . $quote, $link );
    888. 

  888. 

  889. 		$content = str_replace( $link, $replace, $content );
    890. 

  890. 	}
    891. 

  891. 

  892. 	if ( $replace ) {
    893. 

  893. 		$post['post_content'] = $content;
    894. 

  894. 		// Escape data pulled from DB.
    895. 

  895. 		$post = add_magic_quotes($post);
    896. 

  896. 

  897. 		return wp_update_post($post);
    898. 

  898. 	}
    899. 

  899. }
    900. 

  900. 

  901. /**
    902. 

  902.  * Get all the possible statuses for a post_type
    903. 

  903.  *
    904. 

  904.  * @since 2.5.0
    905. 

  905.  *
    906. 

  906.  * @param string $type The post_type you want the statuses for
    907. 

  907.  * @return array As array of all the statuses for the supplied post type
    908. 

  908.  */
    909. 

  909. function get_available_post_statuses($type = 'post') {
    910. 

  910. 	$stati = wp_count_posts($type);
    911. 

  911. 

  912. 	return array_keys(get_object_vars($stati));
    913. 

  913. }
    914. 

  914. 

  915. /**
    916. 

  916.  * Run the wp query to fetch the posts for listing on the edit posts page
    917. 

  917.  *
    918. 

  918.  * @since 2.5.0
    919. 

  919.  *
    920. 

  920.  * @param array|bool $q Array of query variables to use to build the query or false to use $_GET superglobal.
    921. 

  921.  * @return array
    922. 

  922.  */
    923. 

  923. function wp_edit_posts_query( $q = false ) {
    924. 

  924. 	if ( false === $q )
    925. 

  925. 		$q = $_GET;
    926. 

  926. 	$q['m'] = isset($q['m']) ? (int) $q['m'] : 0;
    927. 

  927. 	$q['cat'] = isset($q['cat']) ? (int) $q['cat'] : 0;
    928. 

  928. 	$post_stati  = get_post_stati();
    929. 

  929. 

  930. 	if ( isset($q['post_type']) && in_array( $q['post_type'], get_post_types() ) )
    931. 

  931. 		$post_type = $q['post_type'];
    932. 

  932. 	else
    933. 

  933. 		$post_type = 'post';
    934. 

  934. 

  935. 	$avail_post_stati = get_available_post_statuses($post_type);
    936. 

  936. 

  937. 	if ( isset($q['post_status']) && in_array( $q['post_status'], $post_stati ) ) {
    938. 

  938. 		$post_status = $q['post_status'];
    939. 

  939. 		$perm = 'readable';
    940. 

  940. 	}
    941. 

  941. 

  942. 	if ( isset($q['orderby']) )
    943. 

  943. 		$orderby = $q['orderby'];
    944. 

  944. 	elseif ( isset($q['post_status']) && in_array($q['post_status'], array('pending', 'draft')) )
    945. 

  945. 		$orderby = 'modified';
    946. 

  946. 

  947. 	if ( isset($q['order']) )
    948. 

  948. 		$order = $q['order'];
    949. 

  949. 	elseif ( isset($q['post_status']) && 'pending' == $q['post_status'] )
    950. 

  950. 		$order = 'ASC';
    951. 

  951. 

  952. 	$per_page = 'edit_' . $post_type . '_per_page';
    953. 

  953. 	$posts_per_page = (int) get_user_option( $per_page );
    954. 

  954. 	if ( empty( $posts_per_page ) || $posts_per_page < 1 )
    955. 

  955. 		$posts_per_page = 20;
    956. 

  956. 

  957. 	/**
    958. 

  958. 	 * Filter the number of items per page to show for a specific 'per_page' type.
    959. 

  959. 	 *
    960. 

  960. 	 * The dynamic hook name, $per_page, refers to a hook name comprised of the post type,
    961. 

  961. 	 * preceded by 'edit_', and succeeded by '_per_page', e.g. 'edit_$post_type_per_page'.
    962. 

  962. 	 *
    963. 

  963. 	 * Some examples of filter hooks generated here include: 'edit_attachment_per_page',
    964. 

  964. 	 * 'edit_post_per_page', 'edit_page_per_page', etc.
    965. 

  965. 	 *
    966. 

  966. 	 * @since 3.0.0
    967. 

  967. 	 *
    968. 

  968. 	 * @param int $posts_per_page Number of posts to display per page for the given 'per_page'
    969. 

  969. 	 *                            type. Default 20.
    970. 

  970. 	 */
    971. 

  971. 	$posts_per_page = apply_filters( $per_page, $posts_per_page );
    972. 

  972. 

  973. 	/**
    974. 

  974. 	 * Filter the number of posts displayed per page when specifically listing "posts".
    975. 

  975. 	 *
    976. 

  976. 	 * @since 2.8.0
    977. 

  977. 	 *
    978. 

  978. 	 * @param int    $per_page  Number of posts to be displayed. Default 20.
    979. 

  979. 	 * @param string $post_type The post type.
    980. 

  980. 	 */
    981. 

  981. 	$posts_per_page = apply_filters( 'edit_posts_per_page', $posts_per_page, $post_type );
    982. 

  982. 

  983. 	$query = compact('post_type', 'post_status', 'perm', 'order', 'orderby', 'posts_per_page');
    984. 

  984. 

  985. 	// Hierarchical types require special args.
    986. 

  986. 	if ( is_post_type_hierarchical( $post_type ) && !isset($orderby) ) {
    987. 

  987. 		$query['orderby'] = 'menu_order title';
    988. 

  988. 		$query['order'] = 'asc';
    989. 

  989. 		$query['posts_per_page'] = -1;
    990. 

  990. 		$query['posts_per_archive_page'] = -1;
    991. 

  991. 	}
    992. 

  992. 

  993. 	if ( ! empty( $q['show_sticky'] ) )
    994. 

  994. 		$query['post__in'] = (array) get_option( 'sticky_posts' );
    995. 

  995. 

  996. 	wp( $query );
    997. 

  997. 

  998. 	return $avail_post_stati;
    999. 

  999. }
    1000. 

  1000. 

  1001. /**
    1002. 

  1002.  * {@internal Missing Short Description}}
    1003. 

  1003.  *
    1004. 

  1004.  * @since 2.5.0
    1005. 

  1005.  *
    1006. 

  1006.  * @param unknown_type $type
    1007. 

  1007.  * @return unknown
    1008. 

  1008.  */
    1009. 

  1009. function get_available_post_mime_types($type = 'attachment') {
    1010. 

  1010. 	global $wpdb;
    1011. 

  1011. 

  1012. 	$types = $wpdb->get_col($wpdb->prepare("SELECT DISTINCT post_mime_type FROM $wpdb->posts WHERE post_type = %s", $type));
    1013. 

  1013. 	return $types;
    1014. 

  1014. }
    1015. 

  1015. 

  1016. /**
    1017. 

  1017.  * Executes a query for attachments. An array of WP_Query arguments
    1018. 

  1018.  * can be passed in, which will override the arguments set by this function.
    1019. 

  1019.  *
    1020. 

  1020.  * @since 2.5.0
    1021. 

  1021.  *
    1022. 

  1022.  * @param array|bool $q Array of query variables to use to build the query or false to use $_GET superglobal.
    1023. 

  1023.  * @return array
    1024. 

  1024.  */
    1025. 

  1025. function wp_edit_attachments_query( $q = false ) {
    1026. 

  1026. 	if ( false === $q )
    1027. 

  1027. 		$q = $_GET;
    1028. 

  1028. 

  1029. 	$q['m']   = isset( $q['m'] ) ? (int) $q['m'] : 0;
    1030. 

  1030. 	$q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0;
    1031. 

  1031. 	$q['post_type'] = 'attachment';
    1032. 

  1032. 	$post_type = get_post_type_object( 'attachment' );
    1033. 

  1033. 	$states = 'inherit';
    1034. 

  1034. 	if ( current_user_can( $post_type->cap->read_private_posts ) )
    1035. 

  1035. 		$states .= ',private';
    1036. 

  1036. 

  1037. 	$q['post_status'] = isset( $q['status'] ) && 'trash' == $q['status'] ? 'trash' : $states;
    1038. 

  1038. 	$media_per_page = (int) get_user_option( 'upload_per_page' );
    1039. 

  1039. 	if ( empty( $media_per_page ) || $media_per_page < 1 )
    1040. 

  1040. 		$media_per_page = 20;
    1041. 

  1041. 

  1042. 	/**
    1043. 

  1043. 	 * Filter the number of items to list per page when listing media items.
    1044. 

  1044. 	 *
    1045. 

  1045. 	 * @since 2.9.0
    1046. 

  1046. 	 *
    1047. 

  1047. 	 * @param int $media_per_page Number of media to list. Default 20.
    1048. 

  1048. 	 */
    1049. 

  1049. 	$q['posts_per_page'] = apply_filters( 'upload_per_page', $media_per_page );
    1050. 

  1050. 

  1051. 	$post_mime_types = get_post_mime_types();
    1052. 

  1052. 	$avail_post_mime_types = get_available_post_mime_types('attachment');
    1053. 

  1053. 

  1054. 	if ( isset($q['post_mime_type']) && !array_intersect( (array) $q['post_mime_type'], array_keys($post_mime_types) ) )
    1055. 

  1055. 		unset($q['post_mime_type']);
    1056. 

  1056. 

  1057. 	if ( isset($q['detached']) )
    1058. 

  1058. 		$q['post_parent'] = 0;
    1059. 

  1059. 

  1060. 	wp( $q );
    1061. 

  1061. 

  1062. 	return array($post_mime_types, $avail_post_mime_types);
    1063. 

  1063. }
    1064. 

  1064. 

  1065. /**
    1066. 

  1066.  * Returns the list of classes to be used by a metabox
    1067. 

  1067.  *
    1068. 

  1068.  * @uses get_user_option()
    1069. 

  1069.  * @since 2.5.0
    1070. 

  1070.  *
    1071. 

  1071.  * @param unknown_type $id
    1072. 

  1072.  * @param unknown_type $page
    1073. 

  1073.  * @return unknown
    1074. 

  1074.  */
    1075. 

  1075. function postbox_classes( $id, $page ) {
    1076. 

  1076. 	if ( isset( $_GET['edit'] ) && $_GET['edit'] == $id ) {
    1077. 

  1077. 		$classes = array( '' );
    1078. 

  1078. 	} elseif ( $closed = get_user_option('closedpostboxes_'.$page ) ) {
    1079. 

  1079. 		if ( !is_array( $closed ) ) {
    1080. 

  1080. 			$classes = array( '' );
    1081. 

  1081. 		} else {
    1082. 

  1082. 			$classes = in_array( $id, $closed ) ? array( 'closed' ) : array( '' );
    1083. 

  1083. 		}
    1084. 

  1084. 	} else {
    1085. 

  1085. 		$classes = array( '' );
    1086. 

  1086. 	}
    1087. 

  1087. 

  1088. 	/**
    1089. 

  1089. 	 * Filter the postbox classes for a specific screen and screen ID combo.
    1090. 

  1090. 	 *
    1091. 

  1091. 	 * The dynamic portions of the hook name, $page, and $id, refer to
    1092. 

  1092. 	 * the screen, and screen ID, respectively.
    1093. 

  1093. 	 *
    1094. 

  1094. 	 * @since 3.2.0
    1095. 

  1095. 	 *
    1096. 

  1096. 	 * @param array $classes An array of postbox classes.
    1097. 

  1097. 	 */
    1098. 

  1098. 	$classes = apply_filters( "postbox_classes_{$page}_{$id}", $classes );
    1099. 

  1099. 	return implode( ' ', $classes );
    1100. 

  1100. }
    1101. 

  1101. 

  1102. /**
    1103. 

  1103.  * {@internal Missing Short Description}}
    1104. 

  1104.  *
    1105. 

  1105.  * @since 2.5.0
    1106. 

  1106.  *
    1107. 

  1107.  * @param int|object $id    Post ID or post object.
    1108. 

  1108.  * @param string $title (optional) Title
    1109. 

  1109.  * @param string $name (optional) Name
    1110. 

  1110.  * @return array With two entries of type string
    1111. 

  1111.  */
    1112. 

  1112. function get_sample_permalink($id, $title = null, $name = null) {
    1113. 

  1113. 	$post = get_post( $id );
    1114. 

  1114. 	if ( ! $post )
    1115. 

  1115. 		return array( '', '' );
    1116. 

  1116. 

  1117. 	$ptype = get_post_type_object($post->post_type);
    1118. 

  1118. 

  1119. 	$original_status = $post->post_status;
    1120. 

  1120. 	$original_date = $post->post_date;
    1121. 

  1121. 	$original_name = $post->post_name;
    1122. 

  1122. 

  1123. 	// Hack: get_permalink() would return ugly permalink for drafts, so we will fake that our post is published.
    1124. 

  1124. 	if ( in_array( $post->post_status, array( 'draft', 'pending' ) ) ) {
    1125. 

  1125. 		$post->post_status = 'publish';
    1126. 

  1126. 		$post->post_name = sanitize_title($post->post_name ? $post->post_name : $post->post_title, $post->ID);
    1127. 

  1127. 	}
    1128. 

  1128. 

  1129. 	// If the user wants to set a new name -- override the current one
    1130. 

  1130. 	// Note: if empty name is supplied -- use the title instead, see #6072
    1131. 

  1131. 	if ( !is_null($name) )
    1132. 

  1132. 		$post->post_name = sanitize_title($name ? $name : $title, $post->ID);
    1133. 

  1133. 

  1134. 	$post->post_name = wp_unique_post_slug($post->post_name, $post->ID, $post->post_status, $post->post_type, $post->post_parent);
    1135. 

  1135. 

  1136. 	$post->filter = 'sample';
    1137. 

  1137. 

  1138. 	$permalink = get_permalink($post, true);
    1139. 

  1139. 

  1140. 	// Replace custom post_type Token with generic pagename token for ease of use.
    1141. 

  1141. 	$permalink = str_replace("%$post->post_type%", '%pagename%', $permalink);
    1142. 

  1142. 

  1143. 	// Handle page hierarchy
    1144. 

  1144. 	if ( $ptype->hierarchical ) {
    1145. 

  1145. 		$uri = get_page_uri($post);
    1146. 

  1146. 		$uri = untrailingslashit($uri);
    1147. 

  1147. 		$uri = strrev( stristr( strrev( $uri ), '/' ) );
    1148. 

  1148. 		$uri = untrailingslashit($uri);
    1149. 

  1149. 

  1150. 		/** This filter is documented in wp-admin/edit-tag-form.php */
    1151. 

  1151. 		$uri = apply_filters( 'editable_slug', $uri );
    1152. 

  1152. 		if ( !empty($uri) )
    1153. 

  1153. 			$uri .= '/';
    1154. 

  1154. 		$permalink = str_replace('%pagename%', "{$uri}%pagename%", $permalink);
    1155. 

  1155. 	}
    1156. 

  1156. 

  1157. 	/** This filter is documented in wp-admin/edit-tag-form.php */
    1158. 

  1158. 	$permalink = array( $permalink, apply_filters( 'editable_slug', $post->post_name ) );
    1159. 

  1159. 	$post->post_status = $original_status;
    1160. 

  1160. 	$post->post_date = $original_date;
    1161. 

  1161. 	$post->post_name = $original_name;
    1162. 

  1162. 	unset($post->filter);
    1163. 

  1163. 

  1164. 	return $permalink;
    1165. 

  1165. }
    1166. 

  1166. 

  1167. /**
    1168. 

  1168.  * Returns the HTML of the sample permalink slug editor.
    1169. 

  1169.  *
    1170. 

  1170.  * @since 2.5.0
    1171. 

  1171.  *
    1172. 

  1172.  * @param int|object $id Post ID or post object.
    1173. 

  1173.  * @param string $new_title Optional. New title.
    1174. 

  1174.  * @param string $new_slug Optional. New slug.
    1175. 

  1175.  * @return string The HTML of the sample permalink slug editor.
    1176. 

  1176.  */
    1177. 

  1177. function get_sample_permalink_html( $id, $new_title = null, $new_slug = null ) {
    1178. 

  1178. 	$post = get_post( $id );
    1179. 

  1179. 	if ( ! $post )
    1180. 

  1180. 		return '';
    1181. 

  1181. 

  1182. 	list($permalink, $post_name) = get_sample_permalink($post->ID, $new_title, $new_slug);
    1183. 

  1183. 

  1184. 	if ( current_user_can( 'read_post', $post->ID ) ) {
    1185. 

  1185. 		$ptype = get_post_type_object( $post->post_type );
    1186. 

  1186. 		$view_post = $ptype->labels->view_item;
    1187. 

  1187. 	}
    1188. 

  1188. 

  1189. 	if ( 'publish' == get_post_status( $post ) ) {
    1190. 

  1190. 		$title = __('Click to edit this part of the permalink');
    1191. 

  1191. 	} else {
    1192. 

  1192. 		$title = __('Temporary permalink. Click to edit this part.');
    1193. 

  1193. 	}
    1194. 

  1194. 

  1195. 	if ( false === strpos($permalink, '%postname%') && false === strpos($permalink, '%pagename%') ) {
    1196. 

  1196. 		$return = '<strong>' . __('Permalink:') . "</strong>\n" . '<span id="sample-permalink" tabindex="-1">' . $permalink . "</span>\n";
    1197. 

  1197. 		if ( '' == get_option( 'permalink_structure' ) && current_user_can( 'manage_options' ) && !( 'page' == get_option('show_on_front') && $id == get_option('page_on_front') ) )
    1198. 

  1198. 			$return .= '<span id="change-permalinks"><a href="options-permalink.php" class="button button-small" target="_blank">' . __('Change Permalinks') . "</a></span>\n";
    1199. 

  1199. 		if ( isset( $view_post ) )
    1200. 

  1200. 			$return .= "<span id='view-post-btn'><a href='$permalink' class='button button-small'>$view_post</a></span>\n";
    1201. 

  1201. 

  1202. 		/**
    1203. 

  1203. 		 * Filter the sample permalink HTML markup.
    1204. 

  1204. 		 *
    1205. 

  1205. 		 * @since 2.9.0
    1206. 

  1206. 		 *
    1207. 

  1207. 		 * @param string      $return    Sample permalink HTML markup.
    1208. 

  1208. 		 * @param int|WP_Post $id        Post object or ID.
    1209. 

  1209. 		 * @param string      $new_title New sample permalink title.
    1210. 

  1210. 		 * @param string      $new_slug  New sample permalink slug.
    1211. 

  1211. 		 */
    1212. 

  1212. 		$return = apply_filters( 'get_sample_permalink_html', $return, $id, $new_title, $new_slug );
    1213. 

  1213. 

  1214. 		return $return;
    1215. 

  1215. 	}
    1216. 

  1216. 

  1217. 	if ( function_exists('mb_strlen') ) {
    1218. 

  1218. 		if ( mb_strlen($post_name) > 30 ) {
    1219. 

  1219. 			$post_name_abridged = mb_substr($post_name, 0, 14). '&hellip;' . mb_substr($post_name, -14);
    1220. 

  1220. 		} else {
    1221. 

  1221. 			$post_name_abridged = $post_name;
    1222. 

  1222. 		}
    1223. 

  1223. 	} else {
    1224. 

  1224. 		if ( strlen($post_name) > 30 ) {
    1225. 

  1225. 			$post_name_abridged = substr($post_name, 0, 14). '&hellip;' . substr($post_name, -14);
    1226. 

  1226. 		} else {
    1227. 

  1227. 			$post_name_abridged = $post_name;
    1228. 

  1228. 		}
    1229. 

  1229. 	}
    1230. 

  1230. 

  1231. 	$post_name_html = '<span id="editable-post-name" title="' . $title . '">' . $post_name_abridged . '</span>';
    1232. 

  1232. 	$display_link = str_replace(array('%pagename%','%postname%'), $post_name_html, $permalink);
    1233. 

  1233. 	$view_link = str_replace(array('%pagename%','%postname%'), $post_name, $permalink);
    1234. 

  1234. 	$return =  '<strong>' . __('Permalink:') . "</strong>\n";
    1235. 

  1235. 	$return .= '<span id="sample-permalink" tabindex="-1">' . $display_link . "</span>\n";
    1236. 

  1236. 	$return .= '&lrm;'; // Fix bi-directional text display defect in RTL languages.
    1237. 

  1237. 	$return .= '<span id="edit-slug-buttons"><a href="#post_name" class="edit-slug button button-small hide-if-no-js" onclick="editPermalink(' . $id . '); return false;">' . __('Edit') . "</a></span>\n";
    1238. 

  1238. 	$return .= '<span id="editable-post-name-full">' . $post_name . "</span>\n";
    1239. 

  1239. 

  1240. 	if ( isset( $view_post ) ) {
    1241. 

  1241. 		$return .= "<span id='view-post-btn'><a href='" . get_permalink( $post ) . "' class='button button-small'>$view_post</a></span>\n";
    1242. 

  1242. 	}
    1243. 

  1243. 

  1244. 	/** This filter is documented in wp-admin/includes/post.php */
    1245. 

  1245. 	$return = apply_filters( 'get_sample_permalink_html', $return, $id, $new_title, $new_slug );
    1246. 

  1246. 

  1247. 	return $return;
    1248. 

  1248. }
    1249. 

  1249. 

  1250. /**
    1251. 

  1251.  * Output HTML for the post thumbnail meta-box.
    1252. 

  1252.  *
    1253. 

  1253.  * @since 2.9.0
    1254. 

  1254.  *
    1255. 

  1255.  * @param int $thumbnail_id ID of the attachment used for thumbnail
    1256. 

  1256.  * @param mixed $post The post ID or object associated with the thumbnail, defaults to global $post.
    1257. 

  1257.  * @return string html
    1258. 

  1258.  */
    1259. 

  1259. function _wp_post_thumbnail_html( $thumbnail_id = null, $post = null ) {
    1260. 

  1260. 	global $content_width, $_wp_additional_image_sizes;
    1261. 

  1261. 

  1262. 	$post = get_post( $post );
    1263. 

  1263. 

  1264. 	$upload_iframe_src = esc_url( get_upload_iframe_src('image', $post->ID ) );
    1265. 

  1265. 	$set_thumbnail_link = '<p class="hide-if-no-js"><a title="' . esc_attr__( 'Set featured image' ) . '" href="%s" id="set-post-thumbnail" class="thickbox">%s</a></p>';
    1266. 

  1266. 	$content = sprintf( $set_thumbnail_link, $upload_iframe_src, esc_html__( 'Set featured image' ) );
    1267. 

  1267. 

  1268. 	if ( $thumbnail_id && get_post( $thumbnail_id ) ) {
    1269. 

  1269. 		$old_content_width = $content_width;
    1270. 

  1270. 		$content_width = 266;
    1271. 

  1271. 		if ( !isset( $_wp_additional_image_sizes['post-thumbnail'] ) )
    1272. 

  1272. 			$thumbnail_html = wp_get_attachment_image( $thumbnail_id, array( $content_width, $content_width ) );
    1273. 

  1273. 		else
    1274. 

  1274. 			$thumbnail_html = wp_get_attachment_image( $thumbnail_id, 'post-thumbnail' );
    1275. 

  1275. 		if ( !empty( $thumbnail_html ) ) {
    1276. 

  1276. 			$ajax_nonce = wp_create_nonce( 'set_post_thumbnail-' . $post->ID );
    1277. 

  1277. 			$content = sprintf( $set_thumbnail_link, $upload_iframe_src, $thumbnail_html );
    1278. 

  1278. 			$content .= '<p class="hide-if-no-js"><a href="#" id="remove-post-thumbnail" onclick="WPRemoveThumbnail(\'' . $ajax_nonce . '\');return false;">' . esc_html__( 'Remove featured image' ) . '</a></p>';
    1279. 

  1279. 		}
    1280. 

  1280. 		$content_width = $old_content_width;
    1281. 

  1281. 	}
    1282. 

  1282. 

  1283. 	/**
    1284. 

  1284. 	 * Filter the admin post thumbnail HTML markup to return.
    1285. 

  1285. 	 *
    1286. 

  1286. 	 * @since 2.9.0
    1287. 

  1287. 	 *
    1288. 

  1288. 	 * @param string $content Admin post thumbnail HTML markup.
    1289. 

  1289. 	 * @param int    $post_id Post ID.
    1290. 

  1290. 	 */
    1291. 

  1291. 	return apply_filters( 'admin_post_thumbnail_html', $content, $post->ID );
    1292. 

  1292. }
    1293. 

  1293. 

  1294. /**
    1295. 

  1295.  * Check to see if the post is currently being edited by another user.
    1296. 

  1296.  *
    1297. 

  1297.  * @since 2.5.0
    1298. 

  1298.  *
    1299. 

  1299.  * @param int $post_id ID of the post to check for editing
    1300. 

  1300.  * @return bool|int False: not locked or locked by current user. Int: user ID of user with lock.
    1301. 

  1301.  */
    1302. 

  1302. function wp_check_post_lock( $post_id ) {
    1303. 

  1303. 	if ( !$post = get_post( $post_id ) )
    1304. 

  1304. 		return false;
    1305. 

  1305. 

  1306. 	if ( !$lock = get_post_meta( $post->ID, '_edit_lock', true ) )
    1307. 

  1307. 		return false;
    1308. 

  1308. 

  1309. 	$lock = explode( ':', $lock );
    1310. 

  1310. 	$time = $lock[0];
    1311. 

  1311. 	$user = isset( $lock[1] ) ? $lock[1] : get_post_meta( $post->ID, '_edit_last', true );
    1312. 

  1312. 

  1313. 	/** This filter is documented in wp-admin/includes/ajax-actions.php */
    1314. 

  1314. 	$time_window = apply_filters( 'wp_check_post_lock_window', 150 );
    1315. 

  1315. 

  1316. 	if ( $time && $time > time() - $time_window && $user != get_current_user_id() )
    1317. 

  1317. 		return $user;
    1318. 

  1318. 	return false;
    1319. 

  1319. }
    1320. 

  1320. 

  1321. /**
    1322. 

  1322.  * Mark the post as currently being edited by the current user
    1323. 

  1323.  *
    1324. 

  1324.  * @since 2.5.0
    1325. 

  1325.  *
    1326. 

  1326.  * @param int $post_id ID of the post to being edited
    1327. 

  1327.  * @return bool|array Returns false if the post doesn't exist of there is no current user, or
    1328. 

  1328.  * 	an array of the lock time and the user ID.
    1329. 

  1329.  */
    1330. 

  1330. function wp_set_post_lock( $post_id ) {
    1331. 

  1331. 	if ( !$post = get_post( $post_id ) )
    1332. 

  1332. 		return false;
    1333. 

  1333. 	if ( 0 == ($user_id = get_current_user_id()) )
    1334. 

  1334. 		return false;
    1335. 

  1335. 

  1336. 	$now = time();
    1337. 

  1337. 	$lock = "$now:$user_id";
    1338. 

  1338. 

  1339. 	update_post_meta( $post->ID, '_edit_lock', $lock );
    1340. 

  1340. 	return array( $now, $user_id );
    1341. 

  1341. }
    1342. 

  1342. 

  1343. /**
    1344. 

  1344.  * Outputs the HTML for the notice to say that someone else is editing or has taken over editing of this post.
    1345. 

  1345.  *
    1346. 

  1346.  * @since 2.8.5
    1347. 

  1347.  * @return none
    1348. 

  1348.  */
    1349. 

  1349. function _admin_notice_post_locked() {
    1350. 

  1350. 	if ( ! $post = get_post() )
    1351. 

  1351. 		return;
    1352. 

  1352. 

  1353. 	$user = null;
    1354. 

  1354. 	if (  $user_id = wp_check_post_lock( $post->ID ) )
    1355. 

  1355. 		$user = get_userdata( $user_id );
    1356. 

  1356. 

  1357. 	if ( $user ) {
    1358. 

  1358. 

  1359. 		/**
    1360. 

  1360. 		 * Filter whether to show the post locked dialog.
    1361. 

  1361. 		 *
    1362. 

  1362. 		 * Returning a falsey value to the filter will short-circuit displaying the dialog.
    1363. 

  1363. 		 *
    1364. 

  1364. 		 * @since 3.6.0
    1365. 

  1365. 		 *
    1366. 

  1366. 		 * @param bool         $display Whether to display the dialog. Default true.
    1367. 

  1367. 		 * @param WP_User|bool $user    WP_User object on success, false otherwise.
    1368. 

  1368. 		 */
    1369. 

  1369. 		if ( ! apply_filters( 'show_post_locked_dialog', true, $post, $user ) )
    1370. 

  1370. 			return;
    1371. 

  1371. 

  1372. 		$locked = true;
    1373. 

  1373. 	} else {
    1374. 

  1374. 		$locked = false;
    1375. 

  1375. 	}
    1376. 

  1376. 

  1377. 	if ( $locked && ( $sendback = wp_get_referer() ) &&
    1378. 

  1378. 		false === strpos( $sendback, 'post.php' ) && false === strpos( $sendback, 'post-new.php' ) ) {
    1379. 

  1379. 

  1380. 		$sendback_text = __('Go back');
    1381. 

  1381. 	} else {
    1382. 

  1382. 		$sendback = admin_url( 'edit.php' );
    1383. 

  1383. 

  1384. 		if ( 'post' != $post->post_type )
    1385. 

  1385. 			$sendback = add_query_arg( 'post_type', $post->post_type, $sendback );
    1386. 

  1386. 

  1387. 		$sendback_text = get_post_type_object( $post->post_type )->labels->all_items;
    1388. 

  1388. 	}
    1389. 

  1389. 

  1390. 	$hidden = $locked ? '' : ' hidden';
    1391. 

  1391. 

  1392. 	?>
    1393. 

  1393. 	<div id="post-lock-dialog" class="notification-dialog-wrap<?php echo $hidden; ?>">
    1394. 

  1394. 	<div class="notification-dialog-background"></div>
    1395. 

  1395. 	<div class="notification-dialog">
    1396. 

  1396. 	<?php
    1397. 

  1397. 

  1398. 	if ( $locked ) {
    1399. 

  1399. 		if ( get_post_type_object( $post->post_type )->public ) {
    1400. 

  1400. 			$preview_link = set_url_scheme( add_query_arg( 'preview', 'true', get_permalink( $post->ID ) ) );
    1401. 

  1401. 

  1402. 			if ( 'publish' == $post->post_status || $user->ID != $post->post_author ) {
    1403. 

  1403. 				// Latest content is in autosave
    1404. 

  1404. 				$nonce = wp_create_nonce( 'post_preview_' . $post->ID );
    1405. 

  1405. 				$preview_link = add_query_arg( array( 'preview_id' => $post->ID, 'preview_nonce' => $nonce ), $preview_link );
    1406. 

  1406. 			}
    1407. 

  1407. 		} else {
    1408. 

  1408. 			$preview_link = '';
    1409. 

  1409. 		}
    1410. 

  1410. 

  1411. 		/** This filter is documented in wp-admin/includes/meta-boxes.php */
    1412. 

  1412. 		$preview_link = apply_filters( 'preview_post_link', $preview_link );
    1413. 

  1413. 

  1414. 		/**
    1415. 

  1415. 		 * Filter whether to allow the post lock to be overridden.
    1416. 

  1416. 		 *
    1417. 

  1417. 		 * Returning a falsey value to the filter will disable the ability
    1418. 

  1418. 		 * to override the post lock.
    1419. 

  1419. 		 *
    1420. 

  1420. 		 * @since 3.6.0
    1421. 

  1421. 		 *
    1422. 

  1422. 		 * @param bool    $override Whether to allow overriding post locks. Default true.
    1423. 

  1423. 		 * @param WP_Post $post     Post object.
    1424. 

  1424. 		 * @param WP_User $user     User object.
    1425. 

  1425. 		 */
    1426. 

  1426. 		$override = apply_filters( 'override_post_lock', true, $post, $user );
    1427. 

  1427. 		$tab_last = $override ? '' : ' wp-tab-last';
    1428. 

  1428. 

  1429. 		?>
    1430. 

  1430. 		<div class="post-locked-message">
    1431. 

  1431. 		<div class="post-locked-avatar"><?php echo get_avatar( $user->ID, 64 ); ?></div>
    1432. 

  1432. 		<p class="currently-editing wp-tab-first" tabindex="0">
    1433. 

  1433. 		<?php
    1434. 

  1434. 			_e( 'This content is currently locked.' );
    1435. 

  1435. 			if ( $override )
    1436. 

  1436. 				printf( ' ' . __( 'If you take over, %s will be blocked from continuing to edit.' ), esc_html( $user->display_name ) );
    1437. 

  1437. 		?>
    1438. 

  1438. 		</p>
    1439. 

  1439. 		<?php
    1440. 

  1440. 		/**
    1441. 

  1441. 		 * Fires inside the post locked dialog before the buttons are displayed.
    1442. 

  1442. 		 *
    1443. 

  1443. 		 * @since 3.6.0
    1444. 

  1444. 		 *
    1445. 

  1445. 		 * @param WP_Post $post Post object.
    1446. 

  1446. 		 */
    1447. 

  1447. 		do_action( 'post_locked_dialog', $post );
    1448. 

  1448. 		?>
    1449. 

  1449. 		<p>
    1450. 

  1450. 		<a class="button" href="<?php echo esc_url( $sendback ); ?>"><?php echo $sendback_text; ?></a>
    1451. 

  1451. 		<?php if ( $preview_link ) { ?>
    1452. 

  1452. 		<a class="button<?php echo $tab_last; ?>" href="<?php echo esc_url( $preview_link ); ?>"><?php _e('Preview'); ?></a>
    1453. 

  1453. 		<?php
    1454. 

  1454. 		}
    1455. 

  1455. 

  1456. 		// Allow plugins to prevent some users overriding the post lock
    1457. 

  1457. 		if ( $override ) {
    1458. 

  1458. 			?>
    1459. 

  1459. 			<a class="button button-primary wp-tab-last" href="<?php echo esc_url( add_query_arg( 'get-post-lock', '1', get_edit_post_link( $post->ID, 'url' ) ) ); ?>"><?php _e('Take over'); ?></a>
    1460. 

  1460. 			<?php
    1461. 

  1461. 		}
    1462. 

  1462. 

  1463. 		?>
    1464. 

  1464. 		</p>
    1465. 

  1465. 		</div>
    1466. 

  1466. 		<?php
    1467. 

  1467. 	} else {
    1468. 

  1468. 		?>
    1469. 

  1469. 		<div class="post-taken-over">
    1470. 

  1470. 			<div class="post-locked-avatar"></div>
    1471. 

  1471. 			<p class="wp-tab-first" tabindex="0">
    1472. 

  1472. 			<span class="currently-editing"></span><br>
    1473. 

  1473. 			<span class="locked-saving hidden"><img src="images/wpspin_light-2x.gif" width="16" height="16" /> <?php _e('Saving revision...'); ?></span>
    1474. 

  1474. 			<span class="locked-saved hidden"><?php _e('Your latest changes were saved as a revision.'); ?></span>
    1475. 

  1475. 			</p>
    1476. 

  1476. 			<?php
    1477. 

  1477. 			/**
    1478. 

  1478. 			 * Fires inside the dialog displayed when a user has lost the post lock.
    1479. 

  1479. 			 *
    1480. 

  1480. 			 * @since 3.6.0
    1481. 

  1481. 			 *
    1482. 

  1482. 			 * @param WP_Post $post Post object.
    1483. 

  1483. 			 */
    1484. 

  1484. 			do_action( 'post_lock_lost_dialog', $post );
    1485. 

  1485. 			?>
    1486. 

  1486. 			<p><a class="button button-primary wp-tab-last" href="<?php echo esc_url( $sendback ); ?>"><?php echo $sendback_text; ?></a></p>
    1487. 

  1487. 		</div>
    1488. 

  1488. 		<?php
    1489. 

  1489. 	}
    1490. 

  1490. 

  1491. 	?>
    1492. 

  1492. 	</div>
    1493. 

  1493. 	</div>
    1494. 

  1494. 	<?php
    1495. 

  1495. }
    1496. 

  1496. 

  1497. /**
    1498. 

  1498.  * Creates autosave data for the specified post from $_POST data.
    1499. 

  1499.  *
    1500. 

  1500.  * @package WordPress
    1501. 

  1501.  * @subpackage Post_Revisions
    1502. 

  1502.  * @since 2.6.0
    1503. 

  1503.  *
    1504. 

  1504.  * @uses _wp_translate_postdata()
    1505. 

  1505.  * @uses _wp_post_revision_fields()
    1506. 

  1506.  *
    1507. 

  1507.  * @param mixed $post_data Associative array containing the post data or int post ID.
    1508. 

  1508.  * @return mixed The autosave revision ID. WP_Error or 0 on error.
    1509. 

  1509.  */
    1510. 

  1510. function wp_create_post_autosave( $post_data ) {
    1511. 

  1511. 	if ( is_numeric( $post_data ) ) {
    1512. 

  1512. 		$post_id = $post_data;
    1513. 

  1513. 		$post_data = &$_POST;
    1514. 

  1514. 	} else {
    1515. 

  1515. 		$post_id = (int) $post_data['post_ID'];
    1516. 

  1516. 	}
    1517. 

  1517. 

  1518. 	$post_data = _wp_translate_postdata( true, $post_data );
    1519. 

  1519. 	if ( is_wp_error( $post_data ) )
    1520. 

  1520. 		return $post_data;
    1521. 

  1521. 

  1522. 	$post_author = get_current_user_id();
    1523. 

  1523. 

  1524. 	// Store one autosave per author. If there is already an autosave, overwrite it.
    1525. 

  1525. 	if ( $old_autosave = wp_get_post_autosave( $post_id, $post_author ) ) {
    1526. 

  1526. 		$new_autosave = _wp_post_revision_fields( $post_data, true );
    1527. 

  1527. 		$new_autosave['ID'] = $old_autosave->ID;
    1528. 

  1528. 		$new_autosave['post_author'] = $post_author;
    1529. 

  1529. 

  1530. 		// If the new autosave has the same content as the post, delete the autosave.
    1531. 

  1531. 		$post = get_post( $post_id );
    1532. 

  1532. 		$autosave_is_different = false;
    1533. 

  1533. 		foreach ( array_intersect( array_keys( $new_autosave ), array_keys( _wp_post_revision_fields() ) ) as $field ) {
    1534. 

  1534. 			if ( normalize_whitespace( $new_autosave[ $field ] ) != normalize_whitespace( $post->$field ) ) {
    1535. 

  1535. 				$autosave_is_different = true;
    1536. 

  1536. 				break;
    1537. 

  1537. 			}
    1538. 

  1538. 		}
    1539. 

  1539. 

  1540. 		if ( ! $autosave_is_different ) {
    1541. 

  1541. 			wp_delete_post_revision( $old_autosave->ID );
    1542. 

  1542. 			return 0;
    1543. 

  1543. 		}
    1544. 

  1544. 

  1545. 		return wp_update_post( $new_autosave );
    1546. 

  1546. 	}
    1547. 

  1547. 

  1548. 	// _wp_put_post_revision() expects unescaped.
    1549. 

  1549. 	$post_data = wp_unslash( $post_data );
    1550. 

  1550. 

  1551. 	// Otherwise create the new autosave as a special post revision
    1552. 

  1552. 	return _wp_put_post_revision( $post_data, true );
    1553. 

  1553. }
    1554. 

  1554. 

  1555. /**
    1556. 

  1556.  * Save draft or manually autosave for showing preview.
    1557. 

  1557.  *
    1558. 

  1558.  * @package WordPress
    1559. 

  1559.  * @since 2.7.0
    1560. 

  1560.  *
    1561. 

  1561.  * @uses get_post_status()
    1562. 

  1562.  * @uses edit_post()
    1563. 

  1563.  * @uses get_post()
    1564. 

  1564.  * @uses current_user_can()
    1565. 

  1565.  * @uses wp_die()
    1566. 

  1566.  * @uses wp_create_post_autosave()
    1567. 

  1567.  * @uses add_query_arg()
    1568. 

  1568.  * @uses wp_create_nonce()
    1569. 

  1569.  *
    1570. 

  1570.  * @return str URL to redirect to show the preview
    1571. 

  1571.  */
    1572. 

  1572. function post_preview() {
    1573. 

  1573. 

  1574. 	$post_ID = (int) $_POST['post_ID'];
    1575. 

  1575. 	$_POST['ID'] = $post_ID;
    1576. 

  1576. 

  1577. 	if ( ! $post = get_post( $post_ID ) ) {
    1578. 

  1578. 		wp_die( __( 'You are not allowed to edit this post.' ) );
    1579. 

  1579. 	}
    1580. 

  1580. 

  1581. 	if ( ! current_user_can( 'edit_post', $post->ID ) ) {
    1582. 

  1582. 		wp_die( __( 'You are not allowed to edit this post.' ) );
    1583. 

  1583. 	}
    1584. 

  1584. 

  1585. 	$is_autosave = false;
    1586. 

  1586. 

  1587. 	if ( ! wp_check_post_lock( $post->ID ) && get_current_user_id() == $post->post_author && ( 'draft' == $post->post_status || 'auto-draft' == $post->post_status ) ) {
    1588. 

  1588. 		$saved_post_id = edit_post();
    1589. 

  1589. 	} else {
    1590. 

  1590. 		$is_autosave = true;
    1591. 

  1591. 

  1592. 		if ( 'auto-draft' == $_POST['post_status'] )
    1593. 

  1593. 			$_POST['post_status'] = 'dra…
    1594.

Large files files are truncated, but you can click here to view the full file