@@ -131,7 +121,7 @@ case 'delete':
$post = & get_post($post_id);
- if ( !current_user_can('edit_post', $post_id) )
+ if ( !current_user_can('delete_post', $post_id) )
die( __('You are not allowed to delete this post.') );
if ( $post->post_type == 'attachment' ) {
@@ -147,285 +137,11 @@ case 'delete':
elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php';
$sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);
header ('Location: ' . $sendback);
- break;
-
-case 'editcomment':
- $title = __('Edit Comment');
- $parent_file = 'edit.php';
- require_once ('admin-header.php');
-
- get_currentuserinfo();
-
- $comment = (int) $_GET['comment'];
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID.
Go back!'), 'javascript:history.go(-1)'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post.') );
-
- $comment = get_comment_to_edit($comment);
-
- include('edit-form-comment.php');
-
- break;
-
-case 'confirmdeletecomment':
-
- require_once('./admin-header.php');
-
- $comment = (int) $_GET['comment'];
- $p = (int) $_GET['p'];
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID.
Go back!'), 'edit.php'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to delete comments on this post.') );
-
- echo "
\n";
- if ( 'spam' == $_GET['delete_type'] )
- echo "
" . __('Caution: You are about to mark the following comment as spam:') . "
\n";
- else
- echo "
" . __('Caution: You are about to delete the following comment:') . "
\n";
- echo "
\n";
- echo "" . __('Author:') . " | $comment->comment_author |
\n";
- echo "" . __('E-mail:') . " | $comment->comment_author_email |
\n";
- echo "". __('URL:') . " | $comment->comment_author_url |
\n";
- echo "". __('Comment:') . " | $comment->comment_content |
\n";
- echo "
\n";
- echo "
" . __('Are you sure you want to do that?') . "
\n";
-
- echo "
\n";
- echo "
\n";
-
- break;
-
-case 'deletecomment':
-
- check_admin_referer();
-
- $comment = (int) $_GET['comment'];
- $p = (int) $_GET['p'];
- if (isset($_GET['noredir'])) {
- $noredir = true;
- } else {
- $noredir = false;
- }
-
- $postdata = get_post($p) or die(sprintf(__('Oops, no post with this ID.
Go back!'), 'edit.php'));
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID.
Go back!'), 'post.php'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post.') );
-
- if ( 'spam' == $_GET['delete_type'] )
- wp_set_comment_status($comment->comment_ID, 'spam');
- else
- wp_delete_comment($comment->comment_ID);
-
- if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
- header('Location: ' . $_SERVER['HTTP_REFERER']);
- } else {
- header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
- }
-
- break;
-
-case 'unapprovecomment':
-
- check_admin_referer();
-
- $comment = (int) $_GET['comment'];
- $p = (int) $_GET['p'];
- if (isset($_GET['noredir'])) {
- $noredir = true;
- } else {
- $noredir = false;
- }
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID.
Go back!'), 'edit.php'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') );
-
- wp_set_comment_status($comment->comment_ID, "hold");
-
- if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
- header('Location: ' . $_SERVER['HTTP_REFERER']);
- } else {
- header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
- }
-
- break;
-
-case 'mailapprovecomment':
-
- $comment = (int) $_GET['comment'];
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID.
Go back!'), 'edit.php'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
-
- if ('1' != $comment->comment_approved) {
- wp_set_comment_status($comment->comment_ID, 'approve');
- if (true == get_option('comments_notify'))
- wp_notify_postauthor($comment->comment_ID);
- }
-
- header('Location: ' . get_option('siteurl') . '/wp-admin/moderation.php?approved=1');
-
- break;
-
-case 'approvecomment':
-
- $comment = (int) $_GET['comment'];
- $p = (int) $_GET['p'];
- if (isset($_GET['noredir'])) {
- $noredir = true;
- } else {
- $noredir = false;
- }
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID.
Go back!'), 'edit.php'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
-
- wp_set_comment_status($comment->comment_ID, "approve");
- if (get_settings("comments_notify") == true) {
- wp_notify_postauthor($comment->comment_ID);
- }
-
-
- if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
- header('Location: ' . $_SERVER['HTTP_REFERER']);
- } else {
- header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
- }
-
- break;
-
-case 'editedcomment':
-
- edit_comment();
-
- $referredby = $_POST['referredby'];
- if (!empty($referredby)) {
- header('Location: ' . $referredby);
- } else {
- header ("Location: edit.php?p=$comment_post_ID&c=1#comments");
- }
-
+ exit();
break;
default:
- $title = __('Create New Post');
- require_once ('./admin-header.php');
-?>
-
-
View site »'), get_bloginfo('home') . '/'); ?>
-
-
-
-
- 15 ) $num_drafts = 15;
- for ( $i = 0; $i < $num_drafts; $i++ ) {
- $draft = $drafts[$i];
- if ( 0 != $i )
- echo ', ';
- $draft->post_title = stripslashes($draft->post_title);
- if ( empty($draft->post_title) )
- $draft->post_title = sprintf(__('Post # %s'), $draft->ID);
- echo "$draft->post_title";
- }
- ?>
-
- , »
-
- .
-
-
-
-'.__('WordPress bookmarklet').'
-
'.__('Right click on the following link and choose "Add to favorites" to create a posting shortcut.').'
'; ?>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-You can also e-mail the admin to ask for a promotion.
-When you’re promoted, just reload this page and you’ll be able to blog. :)'), get_settings('admin_email')); ?>
-
-
- */
include('admin-footer.php');
?>
diff --git a/wp-includes/pluggable-functions.php b/wp-includes/pluggable-functions.php
index d8cad5267..16dfb9945 100644
--- a/wp-includes/pluggable-functions.php
+++ b/wp-includes/pluggable-functions.php
@@ -331,8 +331,8 @@ function wp_notify_postauthor($comment_id, $comment_type='') {
$subject = sprintf( __('[%1$s] Pingback: "%2$s"'), $blogname, $post->post_title );
}
$notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n";
- $notify_message .= sprintf( __('To delete this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n";
- $notify_message .= sprintf( __('To mark this comment as spam, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&delete_type=spam&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n";
+ $notify_message .= sprintf( __('To delete this comment, visit: %s'), get_settings('siteurl').'/wp-admin/comment.php?action=confirmdeletecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n";
+ $notify_message .= sprintf( __('To mark this comment as spam, visit: %s'), get_settings('siteurl').'/wp-admin/comment.php?action=confirmdeletecomment&delete_type=spam&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n";
$wp_email = 'wordpress@' . preg_replace('#^www\.#', '', strtolower($_SERVER['SERVER_NAME']));
@@ -388,9 +388,9 @@ function wp_notify_moderator($comment_id) {
$notify_message .= sprintf( __('URI : %s'), $comment->comment_author_url ) . "\r\n";
$notify_message .= sprintf( __('Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=%s'), $comment->comment_author_IP ) . "\r\n";
$notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
- $notify_message .= sprintf( __('To approve this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=mailapprovecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n";
- $notify_message .= sprintf( __('To delete this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n";
- $notify_message .= sprintf( __('To mark this comment as spam, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&delete_type=spam&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n";
+ $notify_message .= sprintf( __('To approve this comment, visit: %s'), get_settings('siteurl').'/wp-admin/comment.php?action=mailapprovecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n";
+ $notify_message .= sprintf( __('To delete this comment, visit: %s'), get_settings('siteurl').'/wp-admin/comment.php?action=confirmdeletecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n";
+ $notify_message .= sprintf( __('To mark this comment as spam, visit: %s'), get_settings('siteurl').'/wp-admin/comment.php?action=confirmdeletecomment&delete_type=spam&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n";
$notify_message .= sprintf( __('Currently %s comments are waiting for approval. Please visit the moderation panel:'), $comments_waiting ) . "\r\n";
$notify_message .= get_settings('siteurl') . "/wp-admin/moderation.php\r\n";