} elseif (isset($_POST['publish'])) { $location = "page-new.php?posted={$page_ID}"; } elseif ($action == 'editattachment') { $location = 'attachments.php'; } else { $location = "page.php?action=edit&post={$page_ID}&message=4"; } wp_redirect($location); } if (isset($_POST['deletepost'])) { $action = "delete"; } switch ($action) { case 'post': check_admin_referer('add-page'); $page_ID = write_post(); redirect_page($page_ID); exit; break; case 'edit': $title = __('Edit'); $editing = true; $page_ID = $post_ID = $p = (int) $_GET['post']; $post = get_post_to_edit($page_ID); if (empty($post->ID)) { wp_die(__("You attempted to edit a page that doesn't exist. Perhaps it was deleted?")); } if ('page' != $post->post_type) { wp_redirect(get_edit_post_link($post_ID, 'url')); exit; }
if (isset($_POST['deletepost'])) { $action = "delete"; } // Fix submenu highlighting for pages. if ( isset($_REQUEST['post']) && 'static' == get_post_status($_REQUEST['post']) ) $submenu_file = 'page-new.php'; $editing = true; switch($action) { case 'post': check_admin_referer('add-post'); $post_ID = write_post(); // Redirect. if (!empty($_POST['mode'])) { switch($_POST['mode']) { case 'bookmarklet': $location = $_POST['referredby']; break; case 'sidebar': $location = 'sidebar.php?a=b'; break; default: $location = 'post.php'; break; } } else {
exit; } if ($error_msg) { return wp_dashboard_quick_press($error_msg); } $post = get_post($_REQUEST['post_ID']); check_admin_referer('add-' . $post->post_type); $_POST['comment_status'] = get_default_comment_status($post->post_type); $_POST['ping_status'] = get_default_comment_status($post->post_type, 'pingback'); edit_post(); wp_dashboard_quick_press(); exit; case 'postajaxpost': case 'post': check_admin_referer('add-' . $post_type); $post_id = 'postajaxpost' == $action ? edit_post() : write_post(); redirect_post($post_id); exit; case 'edit': $editing = true; if (empty($post_id)) { wp_redirect(admin_url('post.php')); exit; } if (!$post) { wp_die(__('You attempted to edit an item that doesn’t exist. Perhaps it was deleted?')); } if (!$post_type_object) { wp_die(__('Unknown post type.')); } if (!in_array($typenow, get_post_types(array('show_ui' => true)))) {
/**
 * Processes the submission of the edit-content form.
 *
 * Despite the name this is an ordinary form post-back, not an AJAX call;
 * it was routed here to avoid extra url/include handling.
 *
 * Reads `hiddenaction` and `post_type` from $_POST, fires the
 * `submit_custom_content` action, then dispatches to the content handler
 * registered for the post type. Always terminates the request.
 *
 * NOTE(review): the `submit_custom_content` hook fires before any nonce or
 * capability check, and receives the raw, unvalidated $_POST values. Hooked
 * callbacks must not treat it as an authenticated event.
 *
 * @todo change this to work like the manage page works instead.
 */
public function ajax_submit_custom_content() {
    $requested_action = $_POST['hiddenaction'];
    $content_type = $_POST['post_type'];

    do_action('submit_custom_content', $content_type, $requested_action);

    // Without a handler for this post type there is nothing to do.
    $handler = $this->get_content_handler($content_type);
    if (!$handler) {
        die(0);
    }

    if ('post' == $requested_action) {
        // Creating new content: the nonce is checked here.
        // NOTE(review): no explicit current_user_can() in this branch —
        // presumably write_post() enforces capabilities; confirm.
        check_admin_referer('add-post');
        $created_id = write_post();
        $handler->redirect_content($created_id);
        exit;
    }

    if ('editpost' == $requested_action) {
        // Updating existing content: the nonce is bound to the post id,
        // and the capability is checked before the handler sees the data.
        $target_id = (int) $_POST['post_ID'];
        check_admin_referer('update-post_' . $target_id);
        if (!current_user_can('edit_post', $target_id)) {
            wp_die(__('You are not allowed to edit this post.'));
        }
        // The handler receives the whole of $_POST; field-level validation
        // is its responsibility.
        $submitted =& $_POST;
        $handler->update_content($target_id, $submitted);
    }

    die(0);
}
strpos( $sendback, 'post-new.php' ) !== false ) { if ( 'attachment' == $post_type ) { $sendback = admin_url( 'upload.php' ); } else { $sendback = admin_url( 'edit.php' ); $sendback .= ( ! empty( $post_type ) ) ? '?post_type=' . $post_type : ''; } } else { $sendback = remove_query_arg( array('trashed', 'untrashed', 'deleted', 'ids'), $sendback ); } */ switch ($action) { case 'post': check_admin_referer('add-' . $post_type); $_POST['publish'] = 'publish'; // tell write_post() to publish $post_id = write_post(); redirect_post($post_id, $_url); exit; break; case 'editpost': check_admin_referer('update-post_' . $post_id); $post_id = edit_post(); redirect_post($post_id, $_url); // Send user on their way while we keep working exit; break; case 'edit': default: $editing = true; if (empty($post_id)) { wp_redirect(admin_url('admin.php') . '?page=CRED_Forms');
$location = "post-new.php?posted={$post_ID}"; } elseif ($action == 'editattachment') { $location = 'attachments.php'; } else { $location = "post.php?action=edit&post={$post_ID}&message=4"; } wp_redirect($location); } if (isset($_POST['deletepost'])) { $action = 'delete'; } switch ($action) { case 'postajaxpost': case 'post': check_admin_referer('add-post'); $post_ID = 'post' == $action ? write_post() : edit_post(); redirect_post($post_ID); exit; break; case 'edit': $title = __('Edit'); $editing = true; if (empty($_GET['post'])) { wp_redirect("post.php"); exit; } $post_ID = $p = (int) $_GET['post']; $post = get_post($post_ID); if (empty($post->ID)) { wp_die(__("You attempted to edit a post that doesn't exist. Perhaps it was deleted?")); }
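/**
 * Handles a submitted post-editing form (create, update, trash, preview).
 *
 * Runs only when $_POST['post_ID'] is present. The action comes from
 * $_POST['action'] and is overridden by the `deletepost` and `wp-preview`
 * fields. Every handled branch verifies a nonce with check_admin_referer()
 * before it changes state, then redirects and ends the request.
 *
 * NOTE(review): $post_id prefers $_GET['post'] over $_POST['post_ID'], while
 * edit_post() called without arguments works from $_POST. The nonce action is
 * therefore bound to an id that may differ from the post actually edited —
 * confirm that both always refer to the same post.
 *
 * @return void
 */
public function form_handler() {
    if (isset($_POST['post_ID'])) {
        require_once ABSPATH . '/wp-admin/includes/post.php';

        $action = isset($_POST['action']) ? $_POST['action'] : '';

        if (isset($_GET['post'])) {
            $post_id = $post_ID = (int) $_GET['post'];
        } elseif (isset($_POST['post_ID'])) {
            $post_id = $post_ID = (int) $_POST['post_ID'];
        } else {
            $post_id = $post_ID = 0;
        }

        $post = $post_type = $post_type_object = null;
        if ($post_id) {
            $post = get_post($post_id);
        }
        if ($post) {
            $post_type = $post->post_type;
            $post_type_object = get_post_type_object($post_type);
        }

        if (isset($_POST['deletepost'])) {
            $action = 'delete';
        } elseif (isset($_POST['wp-preview']) && 'dopreview' == $_POST['wp-preview']) {
            $action = 'preview';
        }

        // Where to return after a trash: the referer, unless it is missing
        // or points back at an edit screen.
        $sendback = wp_get_referer();
        if (!$sendback || strpos($sendback, 'post.php') !== false || strpos($sendback, 'post-new.php') !== false) {
            if ('attachment' == $post_type) {
                $sendback = admin_url('upload.php');
            } else {
                $sendback = admin_url('edit.php');
                $sendback .= !empty($post_type) ? '?post_type=' . $post_type : '';
            }
        } else {
            $sendback = remove_query_arg(array('trashed', 'untrashed', 'deleted', 'ids'), $sendback);
        }

        switch ($action) {
            case 'postajaxpost':
            case 'post':
                check_admin_referer('add-' . $post_type);
                $post_id = 'postajaxpost' == $action ? edit_post() : write_post();
                $this->redirect_post($post_id);
                exit;
                break;

            case 'editpost':
                // The previous call, wp_verify_nonce('update-post_' . $post_id),
                // passed the action name in the nonce-token position and
                // discarded the return value, so this branch saved the post
                // with no CSRF check at all. check_admin_referer() reads the
                // submitted `_wpnonce` field and aborts the request when it
                // does not match, as the other branches already do.
                // Assumes the form emits a nonce for `update-post_{id}`; the
                // preview branch below already requires the same one.
                check_admin_referer('update-post_' . $post_id);
                $post_id = edit_post();
                // Session cookie flag that the post was saved
                if (isset($_COOKIE['wp-saving-post-' . $post_id])) {
                    setcookie('wp-saving-post-' . $post_id, 'saved');
                }
                $this->redirect_post($post_id); // Send user on their way while we keep working
                exit;
                break;

            case 'trash':
                check_admin_referer('trash-post_' . $post_id);
                if (!$post) {
                    wp_die(__('The item you are trying to move to the Trash no longer exists.'));
                }
                if (!$post_type_object) {
                    wp_die(__('Unknown post type.'));
                }
                // Capability check comes before the lock check and the trash.
                if (!current_user_can('delete_post', $post_id)) {
                    wp_die(__('You are not allowed to move this item to the Trash.'));
                }
                if ($user_id = wp_check_post_lock($post_id)) {
                    $user = get_userdata($user_id);
                    wp_die(sprintf(__('You cannot move this item to the Trash. %s is currently editing.'), $user->display_name));
                }
                if (!wp_trash_post($post_id)) {
                    wp_die(__('Error in moving to Trash.'));
                }
                wp_redirect(add_query_arg(array('trashed' => 1, 'ids' => $post_id), $sendback));
                exit;
                break;

            case 'preview':
                check_admin_referer('update-post_' . $post_id);
                $url = post_preview();
                wp_redirect($url);
                exit;
                break;
        } // end switch
    }
}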