/** * Upload * Ajax callback function * * @return string Error or (XML-)response */ static function handle_upload() { check_admin_referer('rwmb-upload-images_' . $_REQUEST['field_id']); $post_id = 0; if (is_numeric($_REQUEST['post_id'])) { $post_id = (int) $_REQUEST['post_id']; } // You can use WP's wp_handle_upload() function: $file = $_FILES['async-upload']; $file_attr = wp_handle_upload($file, array('test_form' => true, 'action' => 'plupload_image_upload')); $attachment = array('guid' => $file_attr['url'], 'post_mime_type' => $file_attr['type'], 'post_title' => preg_replace('/\\.[^.]+$/', '', basename($file['name'])), 'post_content' => '', 'post_status' => 'inherit'); // Adds file as attachment to WordPress $id = wp_insert_attachment($attachment, $file_attr['file'], $post_id); if (!is_wp_error($id)) { wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $file_attr['file'])); // Save file ID in meta field if (isset($_REQUEST['field_id'])) { add_post_meta($post_id, $_REQUEST['field_id'], $id, false); } $response = new WP_Ajax_Response(); $response->add(array('what' => 'rwmb_image_response', 'data' => self::img_html($id))); $response->send(); } exit; }
/** * Upload * Ajax callback function * * @return error or (XML-)response */ static function handle_upload() { header('Content-Type: text/html; charset=UTF-8'); if (!defined('DOING_AJAX')) { define('DOING_AJAX', true); } check_ajax_referer('plupload_image'); $post_id = 0; if (is_numeric($_REQUEST['post_id'])) { $post_id = (int) $_REQUEST['post_id']; } // you can use WP's wp_handle_upload() function: $file = $_FILES['async-upload']; $file_attr = wp_handle_upload($file, array('test_form' => true, 'action' => 'plupload_image_upload')); $attachment = array('post_mime_type' => $file_attr['type'], 'post_title' => preg_replace('/\\.[^.]+$/', '', basename($file['name'])), 'post_content' => '', 'post_status' => 'inherit'); // Adds file as attachment to WordPress $id = wp_insert_attachment($attachment, $file_attr['file'], $post_id); if (!is_wp_error($id)) { $response = new WP_Ajax_Response(); wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $file_attr['file'])); if (isset($_REQUEST['field_id'])) { // Save file ID in meta field add_post_meta($post_id, $_REQUEST['field_id'], $id, false); } $response->add(array('what' => 'rwmb_image_response', 'data' => self::img_html($id))); $response->send(); } // faster than die(); exit; }
function cherry_plugin_export_content() { $exclude_files = array('xml', 'json'); /** * Filters folders to exclude from export parser * @var array */ $exclude_folder = apply_filters('cherry_export_exclude_folders', array('woocommerce_uploads', 'wc-logs')); $response = array('what' => 'status', 'action' => 'export_content', 'id' => '1', 'data' => __('Export content done', CHERRY_PLUGIN_DOMAIN)); $response_file = array('what' => 'file', 'action' => 'export_content', 'id' => '2'); $zip_name = UPLOAD_BASE_DIR . '/sample_data.zip'; cherry_plugin_delete_file($zip_name); if (is_dir(UPLOAD_BASE_DIR)) { $file_string = cherry_plugin_scan_dir(UPLOAD_BASE_DIR, $exclude_folder, $exclude_files); } $zip = new PclZip($zip_name); $result = $zip->create($file_string, PCLZIP_OPT_REMOVE_ALL_PATH); //export json $json_file = cherry_plugin_export_json(); if (is_wp_error($json_file)) { $response['data'] = "Error : " . $json_file->get_error_message(); } else { $zip->add($json_file, PCLZIP_OPT_REMOVE_ALL_PATH); cherry_plugin_delete_file($json_file); } //export xml $xml_file = cherry_plugin_export_xml(); if (is_wp_error($xml_file)) { $response['data'] = "Error : " . $xml_file->get_error_message(); } else { $zip->add($xml_file, PCLZIP_OPT_REMOVE_ALL_PATH); cherry_plugin_delete_file($xml_file); } $nonce = wp_create_nonce('cherry_plugin_download_content'); $file_url = add_query_arg(array('action' => 'cherry_plugin_get_export_file', 'file' => $zip_name, '_wpnonce' => $nonce), admin_url('admin-ajax.php')); if ($result == 0) { $response['data'] = "Error : " . $zip->errorInfo(true); } else { $response_file['data'] = $file_url; } $xmlResponse = new WP_Ajax_Response($response); $xmlResponse->add($response_file); $xmlResponse->send(); exit; }
function edd_dwqa_categories_created_edd_term($term_id, $tt_id, $taxonomy) { $term = get_term_by('id', $term_id, $taxonomy); if (!empty($term) && $term->parent == 0 && $taxonomy == 'download_category') { $tag = wp_insert_term($term->name, 'dwqa-question_category', $_POST); if (!$tag || is_wp_error($tag)) { // || (!$tag = get_term( $tag['term_id'], $taxonomy )) $message = __('An error has occurred. DW Q&A category could not be added!', 'edd_dwqa_categories'); if (is_wp_error($tag) && $tag->get_error_message()) { $message = $tag->get_error_message(); } $x = new WP_Ajax_Response(); $x->add(array('what' => 'taxonomy', 'data' => new WP_Error('error', $message))); $x->send(); } else { //global $wpdb; //$wpdb->query( $wpdb->prepare("INSERT INTO ".$wpdb->prefix."js_dwqa_categories (id, dwqa_category_id, edd_product_id, edd_category_id) VALUES ('', %d, '', %d)", $tag->term_id, $term_id) ); } } }
function cherry_plugin_export_content() { $exclude_files = array('xml', 'json'); $exclude_folder = array('woocommerce_uploads'); $response = array('what' => 'status', 'action' => 'export_content', 'id' => '1', 'data' => __('Export content done', CHERRY_PLUGIN_DOMAIN)); $response_file = array('what' => 'file', 'action' => 'export_content', 'id' => '2'); $zip_name = UPLOAD_BASE_DIR . '/sample_data.zip'; cherry_plugin_delete_file($zip_name); if (is_dir(UPLOAD_BASE_DIR)) { $file_string = cherry_plugin_scan_dir(UPLOAD_BASE_DIR, $exclude_folder, $exclude_files); } $zip = new PclZip($zip_name); $result = $zip->create($file_string, PCLZIP_OPT_REMOVE_ALL_PATH); //export json $json_file = cherry_plugin_export_json(); if (is_wp_error($json_file)) { $response['data'] = "Error : " . $json_file->get_error_message(); } else { $zip->add($json_file, PCLZIP_OPT_REMOVE_ALL_PATH); cherry_plugin_delete_file($json_file); } //export xml $xml_file = cherry_plugin_export_xml(); if (is_wp_error($xml_file)) { $response['data'] = "Error : " . $xml_file->get_error_message(); } else { $zip->add($xml_file, PCLZIP_OPT_REMOVE_ALL_PATH); cherry_plugin_delete_file($xml_file); } if ($result == 0) { $response['data'] = "Error : " . $zip->errorInfo(true); } else { $response_file['data'] = $zip_name; } $xmlResponse = new WP_Ajax_Response($response); $xmlResponse->add($response_file); $xmlResponse->send(); exit; }
function ht_intraverts_ajax_show() { $before_widget = stripcslashes($_POST['before_widget']); $after_widget = stripcslashes($_POST['after_widget']); $before_title = stripcslashes($_POST['before_title']); $after_title = stripcslashes($_POST['after_title']); $intravertToShow = $_POST['intravertToShow']; $widget_id = $_POST['widget_id']; $post_id = $_POST['post_id']; $response = new WP_Ajax_Response(); global $post; $pt = get_post_type($post_id); $html = ""; $finalhtml = ""; $originaltitle = str_replace(site_url(), "", get_permalink($post_id)); $currentpostterms = get_the_terms($post_id, 'category'); $currentnewsterms = get_the_terms($post_id, 'news-type'); $temp = array(); if ($currentpostterms) { foreach ($currentpostterms as $c) { $temp[] = $c->term_id; } } $currentpostterms = $temp; $temp = array(); if ($currentnewsterms) { foreach ($currentnewsterms as $c) { $temp[] = $c->term_id; } } $currentnewsterms = $temp; /* Get eligible intraverts to display and build intravertToShow array */ if (count($intravertToShow) > 0 && $intravertToShow) { $cquery = array('post_type' => 'intravert', 'posts_per_page' => -1, 'post__in' => $intravertToShow, 'orderby' => 'menu_order', 'order' => 'ASC'); $eligibles = new WP_Query($cquery); } else { $eligibles = new WP_Query(); } $read = 0; $alreadydone = array(); if ($eligibles->have_posts()) { while ($eligibles->have_posts()) { $eligibles->the_post(); if (isset($_COOKIE['ht_intravert_' . get_the_id()])) { $read++; $alreadydone[] = get_the_id(); } } } $k = 0; while ($eligibles->have_posts()) { $eligibles->the_post(); if (in_array(get_the_id(), $alreadydone)) { continue; } $icookie = get_post_meta(get_the_id(), 'intravert_cookie_period', true); if (!$icookie) { $icookie = 14; } // check logged on? if (get_post_meta(get_the_id(), 'intravert_logged_in_only', true)) { if (!is_user_logged_in()) { continue; } // contributors or above? if (get_post_meta(get_the_id(), 'intravert_contributors', true)) { global $wp_roles; $current_user = wp_get_current_user(); $roles = $current_user->roles; $role = array_shift($roles); $crole = isset($wp_roles->role_names[$role]) ? translate_user_role($wp_roles->role_names[$role]) : false; if (!in_array($crole, array('Administrator', 'Editor', 'Author', 'Contributor'))) { continue; } } // target a team? if ($teams = get_post_meta(get_the_id(), 'intravert_teams', true)) { $teamcheck = false; $userteams = get_user_meta(get_current_user_id(), 'user_team', true); if ($userteams) { foreach ((array) $userteams as $u) { if (in_array($u, $teams)) { $teamcheck = true; } } } if (!$teamcheck) { continue; } } // target a grade? if ($grades = get_post_meta(get_the_id(), 'intravert_grades', true)) { $gradecheck = false; $usergrades = get_user_meta(get_current_user_id(), 'user_grade', true); if ($usergrades) { foreach ((array) $usergrades as $u) { if (in_array($u, $grades)) { $gradecheck = true; } } } if (!$gradecheck) { continue; } } } // date range? $sdate = date('Ymd'); if (get_post_meta(get_the_id(), 'intravert_date_range', true) && ($sdate < get_post_meta(get_the_id(), 'intravert_start_date', true) || $sdate > get_post_meta(get_the_id(), 'intravert_end_date', true))) { continue; } $catcheck = false; // target content? $targetcontent = get_post_meta(get_the_id(), 'intravert_target_content', true); if ($targetcontent == "Task category" && $pt == "task") { if ($icategory = get_post_meta(get_the_id(), 'intravert_category', true)) { if ($icategory) { foreach ((array) $icategory as $u) { if (in_array($u, $currentpostterms)) { $catcheck = true; } } } } } if ($targetcontent == "News type" && $pt == "news") { if ($icategory = get_post_meta(get_the_id(), 'intravert_news_type', true)) { if ($icategory) { foreach ((array) $icategory as $u) { if (in_array($u, $currentnewsterms)) { $catcheck = true; } } } } } if ($targetcontent == "Task category" && !$catcheck) { continue; } if ($targetcontent == "News type" && !$catcheck) { continue; } /* Display intravert */ $k++; $thistitle = get_the_title($post->ID); $thisURL = get_permalink($post->ID); $destination = get_post_meta(get_the_id(), 'intravert_destination_page', true); if ($destination) { $destination = get_permalink($destination[0]); } else { $destination = "#nowhere"; } if (has_post_thumbnail($post->ID)) { $html .= "<a href='" . $destination . "' onclick='pauseIntravert(\"ht_intravert_" . get_the_id() . "\"," . $icookie . ",\"" . $post->post_title . "\",\"" . $originaltitle . "\");'> "; $html .= get_the_post_thumbnail(get_the_id(), 'large', array('class' => 'img-responsive')); $html .= "</a>"; } $html .= apply_filters("the_content", get_the_content()); if (get_post_meta(get_the_id(), 'intravert_link_text', true)) { $html .= "<a id='intravert_hook_" . $widget_id . "' class='btn btn-info filter_results' href='" . $destination . "' onclick='pauseIntravert(\"ht_intravert_" . get_the_id() . "\"," . $icookie . ",\"" . $post->post_title . "\",\"" . $originaltitle . "\");'> "; $html .= get_post_meta(get_the_id(), 'intravert_link_text', true); if ($destination != '#nowhere') { $html .= " <span class='dashicons dashicons-arrow-right-alt2'></span>"; } $html .= "</a> "; } break; } if ($k) { $finalhtml = $before_widget; $finalhtml .= $html; $finalhtml .= "<div class='clearfix'></div>"; $finalhtml .= $after_widget; } if ($finalhtml) { // Request successful $response->add(array('data' => 'success', 'supplemental' => array('message' => $finalhtml))); } else { // Request failed $response->add(array('data' => 'error', 'supplemental' => array('message' => 'an error occurred'))); } $response->send(); exit; }
$start = isset($_POST['page']) ? intval($_POST['page']) * 25 : 25; list($comments, $total) = _wp_get_comment_list( $search, $start, 1 ); if ( !$comments ) die('1'); $x = new WP_Ajax_Response(); foreach ( (array) $comments as $comment ) { get_comment( $comment ); ob_start(); _wp_comment_list_item( $comment->comment_ID ); $comment_list_item = ob_get_contents(); ob_end_clean(); $x->add( array( 'what' => 'comment', 'id' => $comment->comment_ID, 'data' => $comment_list_item ) ); } $x->send(); break; case 'add-meta' : if ( !current_user_can( 'edit_post', $id ) ) die('-1'); if ( $id < 0 ) { $now = current_time('timestamp', 1); if ( $pid = wp_insert_post( array( 'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now)) ) ) ) $mid = add_meta( $pid ); else
function ht_need_to_know_ajax_show() { $items = absint($_POST['items']); $title = esc_attr($_POST['title']); $before_widget = stripcslashes($_POST['before_widget']); $after_widget = stripcslashes($_POST['after_widget']); $before_title = stripcslashes($_POST['before_title']); $after_title = stripcslashes($_POST['after_title']); $hide = $_POST['hide']; $response = new WP_Ajax_Response(); global $post; $html = load_news($items, $title, $before_widget, $after_widget, stripcslashes($before_title), $after_title, $hide); if ($html) { // Request successful $response->add(array('data' => 'success', 'supplemental' => array('message' => $html))); } else { // Request failed $response->add(array('data' => 'error', 'supplemental' => array('message' => 'an error occured'))); } $response->send(); exit; }
/** * Function that handles editing of the plugin via AJAX */ function ajax_edit_plugin_note() { global $current_user; // Verify nonce if (!wp_verify_nonce($_POST['_nonce'], 'wp-plugin_notes_nonce')) { die(__('Don\'t think you\'re supposed to be here...', 'plugin_notes')); return; } $current_user = wp_get_current_user(); if (current_user_can('edit_plugins')) { // Get notes array $notes = $this->_get_notes(); $note_text = trim(strip_tags(stripslashes($_POST['plugin_note']), '<p><b><i><em><u><strong><a><img>')); // TODO: Escape this? $plugin = $_POST['plugin_slug']; $plugin_name = esc_html($_POST['plugin_name']); $response_data = array(); $response_data['slug'] = $plugin; if ($note_text) { $date_format = get_option('date_format'); // setup the note data $note = array(); $note['date'] = date($date_format); $note['user'] = $current_user->ID; $note['note'] = $note_text; // Add new note to notes array $notes[$plugin] = $note; $response_data = array_merge($response_data, $note); $response_data['action'] = 'edit'; } else { // no note sent, so let's delete it if (!empty($notes[$plugin])) { unset($notes[$plugin]); } $response_data['action'] = 'delete'; } // Save the new notes array $this->_set_notes($notes); } else { // user can't edit plugins, so throw error die(__('Sorry, you do not have permission to edit plugins.', 'plugin_notes')); return; } // Prepare response $response = new WP_Ajax_Response(); ob_start(); $this->_add_plugin_note($note, array('Name' => $plugin_name), $plugin); $plugin_note_content = ob_get_contents(); ob_end_clean(); $response->add(array('what' => 'plugin_note', 'id' => $plugin, 'data' => $plugin_note_content, 'action' => $note_text ? 'edit' : 'delete')); $response->send(); return; }
/** * Send ajax response * * @param array $response Part response in the format: * [id] => 0 = no result, 1 = result * [data] => html string (can be empty if no result) * [supplemental] => (optional) supplemental info to pass * [tr_class] => (optional) class for the wrapping row * @return void */ public function send_ajax_response($response) { $tr_class = ''; if (isset($response['tr_class']) && $response['tr_class'] !== '') { $tr_class = ' class="' . esc_attr($response['tr_class']) . '"'; } $data = ''; if ($response['data'] !== '') { $data = '<tr' . $tr_class . '> <td> </td> <td colspan="{colspan}"> ' . $response['data'] . ' </td> </tr>'; } $supplemental = array(); // Only accounts for the expected new view online link, everything else will be buggered if (isset($response['supplemental']) && $response['supplemental'] !== '') { $supplemental['url_link'] = ' | ' . $response['supplemental']; } /* Send the response */ $ajax_response = new WP_Ajax_Response(); $ajax_response->add(array('what' => self::$name, 'action' => $_POST['action'], 'id' => $response['id'], 'data' => $data, 'supplemental' => $supplemental)); $ajax_response->send(); exit; }
/** * Updates the entry status * * Called via AJAX * Passes data off to either RGFormsModel::update_lead_property or RGFormsModel::delete_lead * * @access public * @static * @see RGFormsModel::update_lead_property * @see RGFormsModel::delete_lead */ public static function update_lead_status() { check_ajax_referer('gf_delete_entry'); $status = rgpost('status'); $lead_id = rgpost('entry'); $entry = GFAPI::get_entry($lead_id); $form = GFAPI::get_form($entry['form_id']); switch ($status) { case 'unspam': RGFormsModel::update_lead_property($lead_id, 'status', 'active'); break; case 'delete': if (GFCommon::current_user_can_any('gravityforms_delete_entries')) { RGFormsModel::delete_lead($lead_id); } break; default: RGFormsModel::update_lead_property($lead_id, 'status', $status); break; } require_once 'entry_list.php'; $filter_links = GFEntryList::get_filter_links($form); $counts = array(); foreach ($filter_links as $filter_link) { $id = $filter_link['id'] == '' ? 'all' : $filter_link['id']; $counts[$id . '_count'] = $filter_link['count']; } $x = new WP_Ajax_Response(); $x->add(array('what' => 'gf_entry', 'id' => $lead_id, 'supplemental' => $counts)); $x->send(); }
function ht_profile_nudge_ajax_action_add_bio() { $nonce = $_POST['nonce']; $itext = $_POST['itext']; $widget_id = $_POST['widget_id']; global $current_user; $success = false; $current_user = wp_get_current_user(); if ($current_user->ID) { $userid = $current_user->ID; } if (!wp_verify_nonce($nonce, 'update_profile_add_bio_' . $widget_id)) { // This nonce is not valid. $html = __("Security check - there is something wrong", "govintranet"); } else { // The nonce was valid. // Do stuff here. $response = new WP_Ajax_Response(); $userid = $_POST['userid']; $current_user = wp_get_current_user(); $current_userid = $current_user->ID; // if ($itext == '') { $html = __('Tell us a little more', 'govintranet'); } elseif ($userid != $current_userid) { $html = __("Security check - can\\'t check your identity", "govintranet"); } else { $itext = sanitize_text_field($itext); update_user_meta($current_userid, 'description', $itext, ''); $html = __('<strong>Updated.</strong> Thank you', 'govintranet') . ' <span class="dashicons dashicons-smiley"></span>'; $success = true; } } if ($success) { // Request successful $response->add(array('data' => 'success', 'supplemental' => array('message' => '<div class="alert alert-success alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">x</button>' . $html . '</div>'))); } else { // Request failed $response->add(array('data' => 'error', 'supplemental' => array('message' => '<div class="alert alert-danger">' . $html . '</div>'))); } $response->send(); exit; }
/** * Handles AJAX insert comment */ function ajax_insert_comment() { global $current_user, $user_ID, $wpdb; // Verify nonce if (!wp_verify_nonce($_POST['_nonce'], 'comment')) { die(__("Nonce check failed. Please ensure you're supposed to be adding editorial comments.", 'edit-flow')); } // Get user info get_currentuserinfo(); // Set up comment data $post_id = absint($_POST['post_id']); $parent = absint($_POST['parent']); // Only allow the comment if user can edit post // @TODO: allow contributers to add comments as well (?) if (!current_user_can('edit_post', $post_id)) { die(__('Sorry, you don\'t have the privileges to add editorial comments. Please talk to your Administrator.', 'edit-flow')); } // Verify that comment was actually entered $comment_content = trim($_POST['content']); if (!$comment_content) { die(__("Please enter a comment.", 'edit-flow')); } // Check that we have a post_id and user logged in if ($post_id && $current_user) { // set current time $time = current_time('mysql', $gmt = 0); // Set comment data $data = array('comment_post_ID' => (int) $post_id, 'comment_author' => esc_sql($current_user->display_name), 'comment_author_email' => esc_sql($current_user->user_email), 'comment_author_url' => esc_sql($current_user->user_url), 'comment_content' => wp_kses($comment_content, array('a' => array('href' => array(), 'title' => array()), 'b' => array(), 'i' => array(), 'strong' => array(), 'em' => array(), 'u' => array(), 'del' => array(), 'blockquote' => array(), 'sub' => array(), 'sup' => array())), 'comment_type' => self::comment_type, 'comment_parent' => (int) $parent, 'user_id' => (int) $user_ID, 'comment_author_IP' => esc_sql($_SERVER['REMOTE_ADDR']), 'comment_agent' => esc_sql($_SERVER['HTTP_USER_AGENT']), 'comment_date' => $time, 'comment_date_gmt' => $time, 'comment_approved' => self::comment_type); apply_filters('ef_pre_insert_editorial_comment', $data); // Insert Comment $comment_id = wp_insert_comment($data); $comment = get_comment($comment_id); // Register actions -- will be used to set up notifications and other modules can hook into this if ($comment_id) { do_action('ef_post_insert_editorial_comment', $comment); } // Prepare response $response = new WP_Ajax_Response(); ob_start(); $this->the_comment($comment, '', ''); $comment_list_item = ob_get_contents(); ob_end_clean(); $response->add(array('what' => 'comment', 'id' => $comment_id, 'data' => $comment_list_item, 'action' => $parent ? 'reply' : 'new')); $response->send(); } else { die(__('There was a problem of some sort. Try again or contact your administrator.', 'edit-flow')); } }
function wpsc_add_variant_from_products_page() { /* This is the parent term / vartiation set we will save this first */ $variation_set_term = $_POST['variation']; $variants[0] = $_POST['variant']; /* variants can be coma separated so we check for these and put them into an array */ $variants = explode(',', $variants[0]); wp_insert_term($variation_set_term, 'wpsc-variation', $args = array()); /* now get the parent id so we can save all the kids*/ $parent_term = term_exists($variation_set_term, 'wpsc-variation'); // array is returned if taxonomy is given $parent_term_id = $parent_term['term_id']; // get numeric term id /* if we have a parent and some kids then we will add kids now */ if (!empty($parent_term_id) && !empty($variants)) { foreach ($variants as $variant) { wp_insert_term($variant, 'wpsc-variation', $args = array('parent' => $parent_term_id)); /* want to get out the id so we can return it with the response */ $varient_term = term_exists($variant, 'wpsc-variation', $parent_term_id); $variant_term_id[] = $varient_term['term_id']; // get numeric term id } } $response = new WP_Ajax_Response(); $response->add(array('data' => 'success', 'supplemental' => array('variant_id' => implode(",", $variant_term_id)))); $response->send(); exit; }
function ht_notify_ajax_show() { $before_widget = stripcslashes($_POST['before_widget']); $after_widget = stripcslashes($_POST['after_widget']); $post_id = $_POST['post_id']; $user_id = $_POST['user_id']; $widget_id = $_POST['widget_id']; $response = new WP_Ajax_Response(); $notes = get_user_meta($user_id, 'user_notifications', true); $html = ""; if (isset($notes) && !in_array($post_id, (array) $notes)) { $html .= "<a onclick='javascript:addtonotifications();' class='ht_addtonotifications btn btn-sm btn-primary'>" . __('Get notifications', 'govintranet') . "</a>"; } else { $html .= "<a onclick='javascript:delnotifications();' class='ht_addtonotifications btn btn-sm btn-default'>" . __('Stop notifications', 'govintranet') . "</a>"; } $html .= $after_widget; wp_reset_postdata(); if ($html) { // Request successful $response->add(array('data' => 'success', 'supplemental' => array('message' => $html))); } else { // Request failed $response->add(array('data' => 'error', 'supplemental' => array('message' => 'an error occurred'))); } $response->send(); exit; }
$topic = get_topic($id); if (!$topic) { die('0'); } $tag_name = rawurldecode($tag_name); $x = new WP_Ajax_Response(); foreach (bb_add_topic_tags($id, $tag_name) as $tag_id) { if (!is_numeric($tag_id) || !($tag = bb_get_tag((int) $tag_id, bb_get_current_user_info('id'), $topic->topic_id))) { if (!($tag = bb_get_tag($tag_id))) { continue; } } $tag->user_id = bb_get_current_user_info('id'); $tag_id_val = $tag->tag_id . '_' . $tag->user_id; $tag->raw_tag = esc_attr($tag->raw_tag); $x->add(array('what' => 'tag', 'id' => $tag_id_val, 'data' => _bb_list_tag_item($tag, array('list_id' => 'tags-list', 'format' => 'list')))); } $x->send(); break; case 'delete-tag': list($tag_id, $user_id) = explode('_', $_POST['id']); $tag_id = (int) $tag_id; $user_id = (int) $user_id; $topic_id = (int) $_POST['topic_id']; if (!bb_current_user_can('edit_tag_by_on', $user_id, $topic_id)) { die('-1'); } bb_check_ajax_referer("remove-tag_{$tag_id}|{$topic_id}"); add_action('bb_rpe_tag_removed', 'bb_grab_results', 10, 3); $tag = bb_get_tag($tag_id); $user = bb_get_user($user_id);
function syn_restaurant_manager_get_meal_options() { global $syn_restaurant_config; $session = new \syntaxthemes\restaurant\session(); $menu_id = $session->post_var('menu_id'); $course_id = $session->post_var('course_id'); $relation = empty($menu_id) || empty($course_id) ? 'OR' : 'AND'; if (!empty($menu_id) || !empty($course_id)) { $args = array('post_type' => 'syn_rest_meal', 'post_status' => 'publish', 'posts_per_page' => -1, 'tax_query' => array('relation' => $relation, array('taxonomy' => 'syn_rest_menu', 'field' => 'id', 'terms' => $menu_id), array('taxonomy' => 'syn_rest_course', 'field' => 'id', 'terms' => $course_id))); } else { $args = array('post_type' => 'syn_rest_meal', 'post_status' => 'publish', 'posts_per_page' => -1); } $query = new \WP_Query($args); $html = ''; if ($query->have_posts()) { while ($query->have_posts()) { $query->the_post(); global $post; $post_id = get_the_ID(); $currency_symbol = get_option($syn_restaurant_config->plugin_prefix . 'currency_symbol', '£'); $full_price = get_post_meta($post_id, 'full_price', true); $html .= "<li><input type=\"checkbox\" name=\"syn_restaurant_menu_ids\" value=\"{$post->ID}\"> <label><span class=\"meal-title\">{$post->post_title}</span><span class=\"meal-price\">{$currency_symbol}{$full_price}</span></label></li>"; } } $xml_response = new WP_Ajax_Response(); $response = array('id' => 1, 'what' => 'syn_restaurant_menu_ids', 'action' => 'update_meal_items', 'data' => $html); $xml_response->add($response); $xml_response->send(); die; }
function save_comment($commentID, $postID, $commentarr) { global $wpdb; $response = new WP_Ajax_Response(); //Make sure the comment has something in it if ('' == $commentarr['comment_content'] || $commentarr['comment_content'] == "undefined") { $response->add(array('what' => 'error', 'id' => $commentID, 'data' => $this->get_error('content_empty'))); $response->send(); return; } //Check to see if user can edit $message = $this->can_edit($commentID, $postID); if (is_string($message)) { $response->add(array('what' => 'error', 'id' => $commentID, 'data' => $this->get_error($message))); $response->send(); return; } //Sanity checks if (!$this->is_comment_owner($postID)) { //Make sure required fields are filled out if (get_option('require_name_email') && (6 > strlen($commentarr['comment_author_email']) && $this->can_edit_email($commentID, $postID) || '' == $commentarr['comment_author'] && $this->can_edit_name($commentID, $postID))) { $response->add(array('what' => 'error', 'id' => $commentID, 'data' => $this->get_error('required_fields'))); $response->send(); return; } } // end comment_owner check //Make sure the e-mail is valid - Skip if pingback or trackback if (!($this->admin && empty($commentarr['comment_author_email']))) { if (!is_email($commentarr['comment_author_email']) && $commentarr['comment_type'] != "pingback" && $commentarr['comment_type'] != "trackback") { if ($this->can_edit_email($commentID, $postID)) { $response->add(array('what' => 'error', 'id' => $commentID, 'data' => $this->get_error('invalid_email'))); $response->send(); return; } } } if (strtolower(get_option('blog_charset')) != 'utf-8') { @$wpdb->query("SET names 'utf8'"); } //comment out if getting char errors //Save the comment $commentarr['comment_ID'] = (int) $commentID; wp_update_comment($commentarr); //For security, get the new comment $comment = get_comment($commentID, ARRAY_A); //Check for spam if (!$this->is_comment_owner($postID)) { if ($this->check_spam($commentID, $postID)) { $response->add(array('what' => 'error', 'id' => $commentID, 'data' => $this->get_error('comment_marked_spam'))); $response->send(); return; } } //Do actions after a comment has successfully been edited do_action_ref_array('wp_ajax_comments_comment_edited', array(&$commentID, &$postID)); //Condition the data for returning do_action('wp_ajax_comments_remove_content_filter'); $response->add(array('what' => 'comment_content', 'id' => $commentID, 'data' => stripslashes(apply_filters('comment_text', apply_filters('get_comment_text', $this->encode($comment['comment_content'])))))); $response->add(array('what' => 'comment_author', 'id' => $commentID, 'data' => stripslashes(apply_filters('comment_author', apply_filters('get_comment_author', $this->encode($comment['comment_author'])))))); $response->add(array('what' => 'comment_author_url', 'id' => $commentID, 'data' => stripslashes(apply_filters('comment_url', apply_filters('get_comment_author_url', $comment['comment_author_url']))))); return $response; }
function enp_send_button_count() { $pid = $_REQUEST['pid']; $btn_slug = $_REQUEST['slug']; $btn_type = $_REQUEST['type']; // post or comment? We don't need the specific post type // Instantiate WP_Ajax_Response $response = new WP_Ajax_Response(); // check to see if they're allowing us to collect data. $send_enp_data = get_option('enp_button_allow_data_tracking'); if ($send_enp_data === '1') { // url if ($btn_type == 'comment') { $button_url = get_comment_link($pid); } else { $button_url = get_permalink($pid); } // send the data to engaging news project for research $data = array('button_id' => $pid, 'slug' => $btn_slug, 'type' => $btn_type, 'button_url' => $button_url); $send = new Enp_Send_Data(); $send->send_click_data($data); $response->add(array('data' => 'success', 'supplemental' => array('message' => 'Click data has been sent to the Engaging News Project.'))); } else { $response->add(array('data' => 'error', 'supplemental' => array('message' => 'Sending click data is disabled.'))); } // Send the response back $response->send(); // Always end with an exit on ajax exit; }
case 'draft': $stat = __('Draft'); break; } if ('0000-00-00 00:00:00' == $post->post_date) { $time = ''; } else { /* translators: date format in table columns, see http://php.net/date */ $time = mysql2date(__('Y/m/d'), $post->post_date); } $html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-' . $post->ID . '" name="found_post_id" value="' . esc_attr($post->ID) . '"></td>'; $html .= '<td><label for="found-' . $post->ID . '">' . esc_html($post->post_title) . '</label></td><td>' . esc_html($time) . '</td><td>' . esc_html($stat) . '</td></tr>' . "\n\n"; } $html .= '</tbody></table>'; $x = new WP_Ajax_Response(); $x->add(array('what' => $what, 'data' => $html)); $x->send(); break; case 'lj-importer': check_ajax_referer('lj-api-import'); if (!current_user_can('publish_posts')) { die('-1'); } if (empty($_POST['step'])) { die('-1'); } define('WP_IMPORTING', true); include ABSPATH . 'wp-admin/import/livejournal.php'; $result = $lj_api_import->{'step' . (int) $_POST['step']}(); if (is_wp_error($result)) { echo $result->get_error_message();
public function ajax_update_term_rows() { global $wp_list_table; check_ajax_referer('pll_language', '_pll_nonce'); $x = new WP_Ajax_Response(); $wp_list_table = _get_list_table('WP_Terms_List_Table', array('screen' => $_POST['screen'])); if (!taxonomy_exists($taxonomy = $_POST['taxonomy'])) { die(0); } $translations = empty($_POST['translations']) ? array() : explode(',', $_POST['translations']); // collect old translations $translations = array_merge($translations, $this->model->get_translations('term', (int) $_POST['term_id'])); // add current translations $translations = array_unique($translations); // remove doublons $translations = array_map('intval', $translations); foreach ($translations as $term_id) { $level = is_taxonomy_hierarchical($taxonomy) ? count(get_ancestors($term_id, $taxonomy)) : 0; $tag = get_term($term_id, $taxonomy); ob_start(); $wp_list_table->single_row($tag, $level); $data = ob_get_clean(); $x->add(array('what' => 'row', 'data' => $data, 'supplemental' => array('term_id' => $term_id))); } $x->send(); }
function wp_ajax_find_posts() { global $wpdb; check_ajax_referer('find-posts'); if (empty($_POST['ps'])) { wp_die(); } if (!empty($_POST['post_type']) && in_array($_POST['post_type'], get_post_types())) { $what = $_POST['post_type']; } else { $what = 'post'; } $s = stripslashes($_POST['ps']); preg_match_all('/".*?("|$)|((?<=[\\s",+])|^)[^\\s",+]+/', $s, $matches); $search_terms = array_map('_search_terms_tidy', $matches[0]); $searchand = $search = ''; foreach ((array) $search_terms as $term) { $term = esc_sql(like_escape($term)); $search .= "{$searchand}(({$wpdb->posts}.post_title LIKE '%{$term}%') OR ({$wpdb->posts}.post_content LIKE '%{$term}%'))"; $searchand = ' AND '; } $term = esc_sql(like_escape($s)); if (count($search_terms) > 1 && $search_terms[0] != $s) { $search .= " OR ({$wpdb->posts}.post_title LIKE '%{$term}%') OR ({$wpdb->posts}.post_content LIKE '%{$term}%')"; } $posts = $wpdb->get_results("SELECT ID, post_title, post_status, post_date FROM {$wpdb->posts} WHERE post_type = '{$what}' AND post_status IN ('draft', 'publish') AND ({$search}) ORDER BY post_date_gmt DESC LIMIT 50"); if (!$posts) { $posttype = get_post_type_object($what); wp_die($posttype->labels->not_found); } $html = '<table class="widefat" cellspacing="0"><thead><tr><th class="found-radio"><br /></th><th>' . __('Title') . '</th><th>' . __('Date') . '</th><th>' . __('Status') . '</th></tr></thead><tbody>'; foreach ($posts as $post) { switch ($post->post_status) { case 'publish': case 'private': $stat = __('Published'); break; case 'future': $stat = __('Scheduled'); break; case 'pending': $stat = __('Pending Review'); break; case 'draft': $stat = __('Draft'); break; } if ('0000-00-00 00:00:00' == $post->post_date) { $time = ''; } else { /* translators: date format in table columns, see http://php.net/date */ $time = mysql2date(__('Y/m/d'), $post->post_date); } $html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-' . $post->ID . '" name="found_post_id" value="' . esc_attr($post->ID) . '"></td>'; $html .= '<td><label for="found-' . $post->ID . '">' . esc_html($post->post_title) . '</label></td><td>' . esc_html($time) . '</td><td>' . esc_html($stat) . '</td></tr>' . "\n\n"; } $html .= '</tbody></table>'; $x = new WP_Ajax_Response(); $x->add(array('what' => $what, 'data' => $html)); $x->send(); }
function g1_simple_slider_move_slide() { $ajax_data = $_POST['ajax_data']; check_ajax_referer('g1_simple_slider-move_slide' . $ajax_data['slide_id']); $error_response = $success_response = new WP_Ajax_Response(); $errors = new WP_Error(); $post = get_post(absint($ajax_data['post_id'])); $slide_id = absint($ajax_data['slide_id']); $after_slide_id = absint($ajax_data['after_slide_id']); $after_slide_post = $after_slide_id ? get_post($after_slide_id) : null; $slide_post = get_post($slide_id); if (!$post || !$slide_post || $after_slide_id && !$after_slide_post) { $errors->add('incorrect_input_data', 'At least one of the slides does not exist!'); } if (count($errors->get_error_codes()) > 0) { $error_response->add(array('what' => 'errors', 'id' => $errors)); $error_response->send(); exit; } $slider = G1_Slider_Factory::get_simple_slider($post); $slide = $slider->get_slide($slide_post->ID); if ($after_slide_post) { $after_slide = $slider->get_slide($after_slide_post->ID); $slider->move_slide_after_slide($slide, $after_slide); } else { $first_slide = $slider->get_first_slide(); $slider->move_slide_before_slide($slide, $first_slide); } $slider->save(); $success_response->add(array('what' => 'success', 'id' => 1)); $success_response->send(); exit; }
/** * Upload * Ajax callback function * * @return error or (XML-)response */ public function handler_image_upload () { // does not work in IE !!!! // check_admin_referer(-1, self::ID_NONCE); if(isset($_REQUEST[self::ID_ACTION_CALLBACK])) { $callback = $_REQUEST[self::ID_ACTION_CALLBACK]; if(!empty($callback)) { if(has_action($callback)) { do_action($callback, $this); return; } } } $post_id = 0; if (is_numeric($_REQUEST[self::ID_POST_ID])) $post_id = (int) $_REQUEST[self::ID_POST_ID]; // You can use WP's wp_handle_upload() function: $file = $_FILES['async-upload']; $file_attr = wp_handle_upload( $file, array( 'test_form'=> true, 'action' => 'plupload_image_upload' )); $attachment = array( 'post_mime_type' => $file_attr['type'], 'post_title' => preg_replace( '/\.[^.]+$/', '', basename( $file['name'])), 'post_content' => '', 'post_status' => 'inherit' ); // Adds file as attachment to WordPress $id = wp_insert_attachment( $attachment, $file_attr['file'], $post_id); if ( ! is_wp_error( $id ) ) { $response = new WP_Ajax_Response(); wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $file_attr['file'])); if(isset($_REQUEST[self::ID_UNIQUE_ID])) { // Save file ID in meta field add_post_meta($post_id, $_REQUEST[self::ID_UNIQUE_ID], $id, false ); } $response->add( array( 'what' => 'inoplugs_image_response', 'data' => self::img_html( $id ) ) ); $response->send(); } // Faster than die(); exit; }
/** * AJAX receiver for Activity replies via the admin screen. * * Processes requests to add new activity comments, and echoes HTML for a new * table row. * * @since BuddyPress (1.6.0) */ function bp_activity_admin_reply() { // Check nonce check_ajax_referer('bp-activity-admin-reply', '_ajax_nonce-bp-activity-admin-reply'); $parent_id = !empty($_REQUEST['parent_id']) ? (int) $_REQUEST['parent_id'] : 0; $root_id = !empty($_REQUEST['root_id']) ? (int) $_REQUEST['root_id'] : 0; // $parent_id is required if (empty($parent_id)) { die('-1'); } // If $root_id not set (e.g. for root items), use $parent_id if (empty($root_id)) { $root_id = $parent_id; } // Check that a reply has been entered if (empty($_REQUEST['content'])) { die(__('ERROR: Please type a reply.', 'buddypress')); } // Check parent activity exists $parent_activity = new BP_Activity_Activity($parent_id); if (empty($parent_activity->component)) { die(__('ERROR: The item you are trying to reply to cannot be found, or it has been deleted.', 'buddypress')); } // @todo: Check if user is allowed to create new activity items // if ( ! current_user_can( 'bp_new_activity' ) ) if (!current_user_can('bp_moderate')) { die('-1'); } // Add new activity comment $new_activity_id = bp_activity_new_comment(array('activity_id' => $root_id, 'content' => $_REQUEST['content'], 'parent_id' => $parent_id)); // Fetch the new activity item, as we need it to create table markup to return $new_activity = new BP_Activity_Activity($new_activity_id); // This needs to be set for the BP_Activity_List_Table constructor to work set_current_screen('toplevel_page_bp-activity'); // Set up an output buffer ob_start(); $list_table = new BP_Activity_List_Table(); $list_table->single_row((array) $new_activity); // Get table markup $response = array('data' => ob_get_contents(), 'id' => $new_activity_id, 'position' => -1, 'what' => 'bp_activity'); ob_end_clean(); // Send response $r = new WP_Ajax_Response(); $r->add($response); $r->send(); exit; }
/** * Uloží fieldset * VOLÁ SE V HOOCE * * @author Jan Pokorný */ public function saveFieldset($termId) { $fieldset = $this->getFieldset(); if (isset($_POST[$fieldset->getPostPrefix()])) { $fieldset = $this->getFieldset(); $form = new KT_form(); $form->addFieldSetByObject($fieldset); $form->validate(); if (!$form->hasError()) { $form->saveFieldsetToTermMetaTable($termId); } elseif (KT::isWpAjax()) { $taxonomy = filter_input(INPUT_POST, "taxonomy", FILTER_SANITIZE_STRING); wp_delete_term($termId, $taxonomy); $errorMessage = ""; foreach ($fieldset->getFields() as $field) { if ($field->hasErrorMsg()) { $errorMessage .= sprintf("%s - %s <br>", $field->getLabel(), $field->getError()); } } $ajaxResponse = new WP_Ajax_Response(); $ajaxResponse->add(array("what" => "taxonomy", "data" => new WP_Error("error", $errorMessage))); $ajaxResponse->send(); } } }
function wp_ajax_find_posts() { global $wpdb; check_ajax_referer('find-posts'); $post_types = get_post_types(array('public' => true), 'objects'); unset($post_types['attachment']); $s = wp_unslash($_POST['ps']); $searchand = $search = ''; $args = array('post_type' => array_keys($post_types), 'post_status' => 'any', 'posts_per_page' => 50); if ('' !== $s) { $args['s'] = $s; } $posts = get_posts($args); if (!$posts) { wp_die(__('No items found.')); } $html = '<table class="widefat" cellspacing="0"><thead><tr><th class="found-radio"><br /></th><th>' . __('Title') . '</th><th class="no-break">' . __('Type') . '</th><th class="no-break">' . __('Date') . '</th><th class="no-break">' . __('Status') . '</th></tr></thead><tbody>'; foreach ($posts as $post) { $title = trim($post->post_title) ? $post->post_title : __('(no title)'); switch ($post->post_status) { case 'publish': case 'private': $stat = __('Published'); break; case 'future': $stat = __('Scheduled'); break; case 'pending': $stat = __('Pending Review'); break; case 'draft': $stat = __('Draft'); break; } if ('0000-00-00 00:00:00' == $post->post_date) { $time = ''; } else { /* translators: date format in table columns, see http://php.net/date */ $time = mysql2date(__('Y/m/d'), $post->post_date); } $html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-' . $post->ID . '" name="found_post_id" value="' . esc_attr($post->ID) . '"></td>'; $html .= '<td><label for="found-' . $post->ID . '">' . esc_html($title) . '</label></td><td class="no-break">' . esc_html($post_types[$post->post_type]->labels->singular_name) . '</td><td class="no-break">' . esc_html($time) . '</td><td class="no-break">' . esc_html($stat) . ' </td></tr>' . "\n\n"; } $html .= '</tbody></table>'; $x = new WP_Ajax_Response(); $x->add(array('data' => $html)); $x->send(); }
function ht_favourites_ajax_show() { $before_widget = stripcslashes($_POST['before_widget']); $after_widget = stripcslashes($_POST['after_widget']); $before_title = stripcslashes($_POST['before_title']); $after_title = stripcslashes($_POST['after_title']); $title = stripcslashes($_POST['title']); $user_id = $_POST['user_id']; $widget_id = $_POST['widget_id']; $faves = get_user_meta($user_id, 'user_favourites', true); $response = new WP_Ajax_Response(); $html = ""; if (count($faves) > 0 && is_array($faves)) { $html .= $before_widget; $userurl = site_url() . '/staff/' . $user_info->user_nicename; $userurl = get_author_posts_url($user_id); $gis = "options_forum_support"; $forumsupport = get_option($gis); $staffdirectory = get_option('options_module_staff_directory'); if (function_exists('bp_activity_screen_index')) { // if using BuddyPress - link to the members page $userurl = str_replace('/author', '/members', $userurl); } elseif (function_exists('bbp_get_displayed_user_field') && $staffdirectory) { // if using bbPress - link to the staff page $userurl = str_replace('/author', '/staff', $userurl); } $userurl .= "edit/#acf-field_5669ad29841d0"; $html .= "<a href='" . $userurl . "' class='btn btn-sm btn-default pull-right editfav'>Edit</a>"; if ($title) { $html .= $before_title . $title . $after_title; } $html .= "<ul>"; foreach ($faves as $r) { $title_context = ""; $rlink = get_post($r); if ($rlink->post_status == 'publish') { $taskparent = $rlink->post_parent; if ($taskparent) { $taskparent = get_post($taskparent); $title_context = " (" . govintranetpress_custom_title($taskparent->post_title) . ")"; } $ext_icon = ''; $ext = ''; if (get_post_format($r) == 'link') { $ext_icon = " <span class='dashicons dashicons-migrate'></span> "; $ext = "class='external-link' "; } $html .= "<li><a href='" . get_permalink($rlink->ID) . "'" . $ext . ">" . govintranetpress_custom_title($rlink->post_title) . $title_context . "</a>" . $ext_icon . "</li>"; $alreadydone[] = $r; } } $html .= "</ul>"; $html .= $after_widget; wp_reset_postdata(); } if ($html) { // Request successful $response->add(array('data' => 'success', 'supplemental' => array('message' => $html))); } else { // Request failed $response->add(array('data' => 'error', 'supplemental' => array('message' => 'an error occurred'))); } $response->send(); exit; }
/** * Ajax handler for editing a comment. * * @since 3.1.0 * * @global WP_List_Table $wp_list_table */ function wp_ajax_edit_comment() { global $wp_list_table; check_ajax_referer('replyto-comment', '_ajax_nonce-replyto-comment'); $comment_id = (int) $_POST['comment_ID']; if (!current_user_can('edit_comment', $comment_id)) { wp_die(-1); } if ('' == $_POST['content']) { wp_die(__('ERROR: please type a comment.')); } if (isset($_POST['status'])) { $_POST['comment_status'] = $_POST['status']; } edit_comment(); $position = isset($_POST['position']) && (int) $_POST['position'] ? (int) $_POST['position'] : '-1'; $checkbox = isset($_POST['checkbox']) && true == $_POST['checkbox'] ? 1 : 0; $wp_list_table = _get_list_table($checkbox ? 'WP_Comments_List_Table' : 'WP_Post_Comments_List_Table', array('screen' => 'edit-comments')); $comment = get_comment($comment_id); if (empty($comment->comment_ID)) { wp_die(-1); } ob_start(); $wp_list_table->single_row($comment); $comment_list_item = ob_get_clean(); $x = new WP_Ajax_Response(); $x->add(array('what' => 'edit_comment', 'id' => $comment->comment_ID, 'data' => $comment_list_item, 'position' => $position)); $x->send(); }
function ajax_library_actions() { global $wpdb; switch ($action = $_POST['action']) { case 'shiba_find_posts': check_ajax_referer('find-posts'); if (empty($_POST['ps'])) { exit; } $what = isset($_POST['type']) ? $_POST['type'] : 'post'; $s = stripslashes($_POST['ps']); preg_match_all('/".*?("|$)|((?<=[\\s",+])|^)[^\\s",+]+/', $s, $matches); $search_terms = array_map(create_function('$a', 'return trim($a, "\\"\'\\n\\r ");'), $matches[0]); $searchand = $search = ''; foreach ((array) $search_terms as $term) { $term = addslashes_gpc($term); $search .= "{$searchand}(({$wpdb->posts}.post_title LIKE '%{$term}%') OR ({$wpdb->posts}.post_content LIKE '%{$term}%'))"; $searchand = ' AND '; } $term = $wpdb->escape($s); if (count($search_terms) > 1 && $search_terms[0] != $s) { $search .= " OR ({$wpdb->posts}.post_title LIKE '%{$term}%') OR ({$wpdb->posts}.post_content LIKE '%{$term}%')"; } $posts = $wpdb->get_results("SELECT ID, post_title, post_status, post_date FROM {$wpdb->posts} WHERE post_type = '{$what}' AND {$search} ORDER BY post_date_gmt DESC LIMIT 50"); if (!$posts) { exit(__('No posts found.', THEMEDOMAIN)); } $html = '<table class="widefat" cellspacing="0"><thead><tr><th class="found-radio"><br /></th><th>' . __('Title') . '</th><th>' . __('Time') . '</th><th>' . __('Status') . '</th></tr></thead><tbody>'; foreach ($posts as $post) { switch ($post->post_status) { case 'publish': case 'private': $stat = __('Published', THEMEDOMAIN); break; case 'future': $stat = __('Scheduled', THEMEDOMAIN); break; case 'pending': $stat = __('Pending Review', THEMEDOMAIN); break; case 'draft': $stat = __('Unpublished', THEMEDOMAIN); break; } if ('0000-00-00 00:00:00' == $post->post_date) { $time = ''; } else { /* translators: date format in table columns, see http://php.net/date */ $time = mysql2date(__('Y/m/d', THEMEDOMAIN), $post->post_date); } $html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-' . $post->ID . '" name="found_post_id" value="' . esc_attr($post->ID) . '"></td>'; $html .= '<td><label for="found-' . $post->ID . '">' . esc_html($post->post_title) . '</label></td><td>' . esc_html($time) . '</td><td>' . esc_html($stat) . '</td></tr>' . "\n\n"; } $html .= '</tbody></table>'; $x = new WP_Ajax_Response(); $x->add(array('what' => $what, 'data' => $html)); $x->send(); break; } // end switch }