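private function edit_comment($comment_ID, $comment_post_ID)
 {
     // Save the edited values of one comment submitted from the mobile (ktai) edit form.
     // $comment_ID: ID of the comment being edited.
     // $comment_post_ID: ID of the post the comment belongs to; the edit_post
     // capability on this post is what authorises the edit.
     // The new values are read from $_POST and handed to wp_update_comment().
     // Dies (via ks_die) when the user may not edit the post, or when the
     // comment does not belong to $comment_post_ID.
     if (!current_user_can('edit_post', $comment_post_ID)) {
         $this->base->ks_die(__('You are not allowed to edit comments on this post, so you cannot edit this comment.'));
         exit; // same pattern as edit_post(): never fall through if ks_die() returns
     }
     // Prefer the argument the caller resolved; fall back to the posted value for
     // callers that pass nothing (the original read $_POST['comment_ID'] only).
     if (!$comment_ID && isset($_POST['comment_ID'])) {
         $comment_ID = $_POST['comment_ID'];
     }
     $comment_ID = intval($comment_ID);
     // The capability above was checked against $comment_post_ID, so make sure the
     // comment being written really belongs to that post; otherwise a request could
     // pair a post the user may edit with a comment from a post they may not.
     $comment = get_comment($comment_ID);
     if (!$comment || intval($comment->comment_post_ID) != intval($comment_post_ID)) {
         $this->base->ks_die(__('You are not allowed to edit this comment.'));
         exit;
     }
     $charset = ks_detect_encoding();
     if (!$this->base->get('encoding_converted')) {
         // Mobile carriers submit in their own encoding; convert the free-text fields.
         foreach (array('newcomment_author', 'content') as $f) {
             if (isset($_POST[$f])) {
                 $_POST[$f] = $this->base->decode_from_ktai($_POST[$f], $charset);
             }
         }
     }
     // A field the form omitted counts as empty instead of raising an undefined-index notice.
     $in = array();
     foreach (array('newcomment_author', 'newcomment_author_email', 'newcomment_author_url', 'comment_status', 'content') as $f) {
         $in[$f] = isset($_POST[$f]) ? $_POST[$f] : '';
     }
     $comment_data = array(
         'comment_ID'           => $comment_ID,
         'comment_author'       => trim(strip_tags($in['newcomment_author'])),
         'comment_author_email' => trim(strip_tags($in['newcomment_author_email'])),
         'comment_author_url'   => trim(strip_tags($in['newcomment_author_url'])),
         'comment_approved'     => trim(strip_tags($in['comment_status'])),
         // Comment body keeps its markup; WordPress filters it on save.
         'comment_content'      => trim($in['content']),
     );
     wp_update_comment($comment_data);
 }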
 public function edit_post($post_ID, $post_type = 'post')
 {
     global $current_user;
     if (!$post_ID) {
         $this->base->ks_die(__("You attempted to edit a post that doesn't exist. Perhaps it was deleted?"));
         exit;
     } elseif ('page' == $post_type) {
         if (!current_user_can('edit_page', $post_ID)) {
             $this->base->ks_die(__('You are not allowed to edit this page.'));
             exit;
         }
     } elseif (!current_user_can('edit_post', $post_ID)) {
         $this->base->ks_die(__('You are not allowed to edit this post.'));
         exit;
     }
     $charset = ks_detect_encoding();
     if (!$this->base->get('encoding_converted')) {
         foreach (array('post_title', 'post_name', 'content', 'tags_input') as $f) {
             $_POST[$f] = $this->base->decode_from_ktai($_POST[$f], $charset);
         }
     }
     $post = wp_get_single_post($post_ID, ARRAY_A);
     $post_data =& $_POST;
     $post_data['ID'] = intval($post_ID);
     if (!isset($post_data['post_type'])) {
         $post_data['post_type'] = $post_type;
     }
     $post_data['post_title'] = trim(strip_tags($post_data['post_title']));
     $post_data['post_name'] = trim(strip_tags($post_data['post_name']));
     $post_data['post_content'] = trim($post_data['content']);
     $post_data['tags_input'] = trim(strip_tags($post_data['tags_input']));
     $post_data['post_parent'] = isset($post_data['parent_id']) ? intval($post_data['parent_id']) : '';
     if ($post['post_author'] != $current_user->ID) {
         if ('page' == $post_type) {
             if (!current_user_can('edit_others_pages')) {
                 $this->base->ks_die(__('You are not allowed to edit pages as this user.'));
             }
         } elseif (!current_user_can('edit_others_posts')) {
             $this->base->ks_die(__('You are not allowed to edit posts as this user.'));
         }
     }
     if (isset($post_data['post_cats'])) {
         $post_data['post_category'] = array_map('intval', explode(',', $post_data['post_cats']));
     }
     if (!isset($post_data['comment_status'])) {
         $post_data['comment_status'] = 'closed';
     }
     if (!isset($post_data['ping_status'])) {
         $post_data['ping_status'] = 'closed';
     }
     // What to do based on which button they pressed
     if (isset($post_data['publish']) && '' != $post_data['publish']) {
         $post_data['post_status'] = 'publish';
         if (empty($post_data['post_name'])) {
             $post_data['post_name'] = $post->post_name ? $post->post_name : $this->create_post_name($post_type, $post_data['post_title']);
         }
     }
     $previous_status = get_post_field('post_status', isset($post_data['ID']) ? $post_data['ID'] : $post_data['temp_ID']);
     if ('page' == $post_type) {
         $publish_cap = 'publish_pages';
         $edit_cap = 'edit_published_pages';
     } else {
         $publish_cap = 'publish_posts';
         $edit_cap = 'edit_published_posts';
     }
     if (isset($post_data['post_status']) && ('publish' == $post_data['post_status'] && !current_user_can($publish_cap))) {
         if ($previous_status != 'publish' || !current_user_can($edit_cap)) {
             $post_data['post_status'] = 'pending';
         }
     }
     if (!isset($post_data['post_status'])) {
         $post_data['post_status'] = $previous_status;
     }
     if (isset($post_data['visibility']) && 'private' == $post_data['visibility']) {
         $post_data['post_status'] = 'private';
         $post_data['post_password'] = '';
         unset($post_data['sticky']);
     }
     wp_update_post($post_data);
     return intval($post_ID);
 }
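    private function select_cats()
    {
        // Render the "Select Category" screen of the mobile post editor.
        // The fields the editor form submitted are parked in $this->admin
        // (set_data) so the editor can be restored once the category choice is
        // posted back to post.php with action=changecats.
        // Sets the globals $title, $post_ID and $parent_file for admin-header.php.
        // Dies when an edit refers to a non-existent post ID; check_admin_referer()
        // dies on a bad or missing nonce.
        global $title, $post_ID, $parent_file;
        $parent_file = 'edit.php';
        $originalaction = isset($_POST['originalaction']) ? $_POST['originalaction'] : '';
        if ('editpost' == $originalaction) {
            $post_ID = isset($_POST['post_ID']) ? (int) $_POST['post_ID'] : 0;
            if ($post_ID < 1) {
                $this->base->ks_die(__("You attempted to edit a post that doesn't exist. Perhaps it was deleted?"));
                exit;
            }
            check_admin_referer('update-post_' . $post_ID);
        } else {
            $post_ID = 0;
            check_admin_referer('add-post');
        }
        // Pass-through fields that are re-submitted unchanged by this screen.
        foreach (array('post_ID', 'post_cats', 'originalaction', 'referredby', '_wp_original_http_referer') as $k) {
            if (isset($_POST[$k])) {
                $this->admin->set_data($k, $_POST[$k]);
            }
        }
        // Free-text fields go through ks_mb_get_form() for encoding conversion.
        $charset = ks_detect_encoding();
        $this->admin->set_data('post_title', ks_mb_get_form('post_title', $charset));
        $this->admin->set_data('post_name', ks_mb_get_form('post_name', $charset));
        $this->admin->set_data('post_content', ks_mb_get_form('content', $charset));
        $this->admin->set_data('tags_input', ks_mb_get_form('tags_input', $charset));
        // Categories currently assigned, as the editor form submitted them
        // (comma-separated IDs). Anything that is not a string counts as none.
        $post_cats = (isset($_POST['post_cats']) && is_string($_POST['post_cats'])) ? $_POST['post_cats'] : '';
        $checked_cats = array_map('intval', explode(',', $post_cats));
        $title = __('Select Category', 'ktai_style');
        include dirname(__FILE__) . '/admin-header.php';
        ?>
<form action="post.php" method="post">
<input type="hidden" name="action" value="changecats" />
<?php 
        $this->admin->sid_field();
        wp_nonce_field('change-cats_' . $post_ID, "_wpnonce", false);
        $this->category_checklist($checked_cats);
        ?>
<input type="submit" name="cancel" value="<?php 
        _e('Cancel');
        ?>
" />
<input type="submit" value="<?php 
        _e('Set Category', 'ktai_style');
        ?>
" />
</form>
<?php 
        include dirname(__FILE__) . '/admin-footer.php';
    }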
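function ks_mb_get_form($key, $charset = NULL)
{
    // Return one form field from $_POST with magic-quote slashes removed,
    // converted from the mobile-carrier encoding unless the plugin has already
    // converted the whole request (the 'encoding_converted' flag).
    // $key: $_POST index to read.
    // $charset: encoding of the posted value; detected with ks_detect_encoding()
    // when not given (only needed when a conversion actually happens).
    // Returns NULL when the field is absent or was submitted as an array
    // (e.g. key[]), which stripslashes() cannot process.
    if (!isset($_POST[$key])) {
        return NULL;
    }
    $value = $_POST[$key];
    if (is_array($value)) {
        return NULL;
    }
    global $Ktai_Style;
    if (function_exists('mb_convert_encoding') && !$Ktai_Style->get('encoding_converted')) {
        if (!$charset) {
            $charset = ks_detect_encoding();
        }
        $value = $Ktai_Style->decode_from_ktai($value, $charset);
    }
    return stripslashes($value);
}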