autosave fix ups

git-svn-id: http://svn.automattic.com/wordpress/trunk@4086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ryan 2006-08-11 18:50:28 +00:00
parent d52b9b2d2a
commit 7ac67243e8
6 changed files with 36 additions and 4 deletions


@ -246,6 +246,19 @@ case 'autosave' :
} }
die('0'); die('0');
break; break;
case 'autosave-generate-nonces' :
$ID = (int) $_POST['post_ID'];
if($_POST['post_type'] == 'post') {
if(current_user_can('edit_post', $ID))
die(wp_create_nonce('update-post_' . $ID));
}
if($_POST['post_type'] == 'page') {
if(current_user_can('edit_page', $ID)) {
die(wp_create_nonce('update-page_' . $ID));
}
}
die($_POST['post_type']);
break;
default : default :
do_action( 'wp_ajax_' . $_POST['action'] ); do_action( 'wp_ajax_' . $_POST['action'] );
die('0'); die('0');
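Review bot: The fallback `die($_POST['post_type']);` at the end of the new `autosave-generate-nonces` case writes a raw request parameter into the response body whenever neither capability check passes, so request-controlled text is reflected unescaped and the client receives a value it will store as a nonce. Return a fixed failure marker instead, as the neighbouring cases do: `die('0');`. The `break;` after it is unreachable, and `$_POST['post_type']` is read without an `isset()` check, so a request that omits it raises a notice. The enclosing `switch` starts outside the hunk, so whether an earlier login or referer check guards this case cannot be confirmed from here.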


@ -53,7 +53,7 @@ if (empty($post->post_status)) $post->post_status = 'draft';
<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" /> <input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
<input type="hidden" id="hiddenaction" name="action" value="<?php echo $form_action ?>" /> <input type="hidden" id="hiddenaction" name="action" value="<?php echo $form_action ?>" />
<input type="hidden" name="post_author" value="<?php echo $post->post_author ?>" /> <input type="hidden" name="post_author" value="<?php echo $post->post_author ?>" />
<input type="hidden" name="post_type" value="post" /> <input type="hidden" id="post_type" name="post_type" value="post" />
<?php echo $form_extra ?> <?php echo $form_extra ?>
<?php if (isset($_GET['message']) && 2 > $_GET['message']) : ?> <?php if (isset($_GET['message']) && 2 > $_GET['message']) : ?>


@ -34,7 +34,7 @@ if (isset($mode) && 'bookmarklet' == $mode) {
<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" /> <input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
<input type="hidden" id="hiddenaction" name="action" value='<?php echo $form_action ?>' /> <input type="hidden" id="hiddenaction" name="action" value='<?php echo $form_action ?>' />
<?php echo $form_extra ?> <?php echo $form_extra ?>
<input type="hidden" name="post_type" value="page" /> <input type="hidden" id="post_type" name="post_type" value="page" />
<script type="text/javascript"> <script type="text/javascript">
// <![CDATA[ // <![CDATA[


@ -98,7 +98,7 @@ case 'editpost':
$referer = preg_replace('|https?://[^/]+|i', '', wp_get_referer()); $referer = preg_replace('|https?://[^/]+|i', '', wp_get_referer());
if ($_POST['save']) { if ($_POST['save']) {
$location = wp_get_referer(); $location = "post.php?action=edit&post=$post_ID";
} elseif ($_POST['updatemeta']) { } elseif ($_POST['updatemeta']) {
$location = wp_get_referer() . '&message=2#postcustom'; $location = wp_get_referer() . '&message=2#postcustom';
} elseif ($_POST['deletemeta']) { } elseif ($_POST['deletemeta']) {
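Review bot: `$post_ID` is interpolated straight into the redirect target in the `save` branch, and its assignment is outside the hunk, so it is not visible here whether it is always an integer. If it can carry request data, cast it where the URL is built: `$location = 'post.php?action=edit&post=' . (int) $post_ID;`. The enclosing `case 'editpost'` starts and ends outside the hunk.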


@ -25,6 +25,11 @@ function autosave_cur_time() {
((now.getSeconds() < 10) ? ":0" : ":") + now.getSeconds(); ((now.getSeconds() < 10) ? ":0" : ":") + now.getSeconds();
} }
function autosave_update_nonce() {
var response = nonceAjax.response;
document.getElementsByName('_wpnonce')[0].value = response;
}
function autosave_update_post_ID() { function autosave_update_post_ID() {
var response = autosaveAjax.response; var response = autosaveAjax.response;
var res = parseInt(response); var res = parseInt(response);
@ -36,9 +41,23 @@ function autosave_update_post_ID() {
message = "<?php _e('Saved at '); ?>" + autosave_cur_time(); message = "<?php _e('Saved at '); ?>" + autosave_cur_time();
$('post_ID').name = "post_ID"; $('post_ID').name = "post_ID";
$('post_ID').value = res; $('post_ID').value = res;
$('hiddenaction').value = 'editpost';
// We need new nonces
nonceAjax = new sack();
nonceAjax.element = null;
nonceAjax.setVar("action", "autosave-generate-nonces");
nonceAjax.setVar("post_ID", res);
nonceAjax.setVar("cookie", document.cookie);
nonceAjax.setVar("post_type", $('post_type').value);
nonceAjax.requestFile = "<?php echo get_bloginfo('siteurl'); ?>/wp-admin/admin-ajax.php";
nonceAjax.onCompletion = autosave_update_nonce;
nonceAjax.method = "POST";
nonceAjax.runAJAX();
} }
$('autosave').innerHTML = message; $('autosave').innerHTML = message;
} }
function autosave_loading() { function autosave_loading() {
$('autosave').innerHTML = "<?php _e('Saving Draft...'); ?>"; $('autosave').innerHTML = "<?php _e('Saving Draft...'); ?>";
} }
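Review bot: `autosave_update_nonce()` copies the whole response body into `_wpnonce` without checking it, so a failure reply from the endpoint (an error marker, a login page, an empty body) overwrites a working nonce and the next manual save is rejected. Guard both the field and the value before assigning, for example `var f = document.getElementsByName('_wpnonce')[0];` followed by `if (f && /^[0-9a-f]+$/i.test(response)) f.value = response;` (this assumes nonces are hex strings, to be confirmed against `wp_create_nonce()`). `nonceAjax` is created without `var` in `autosave_update_post_ID()`, which makes it an implicit global; declaring it at file scope would make the callback's dependency on it explicit. `nonceAjax.setVar("cookie", document.cookie)` copies every script-readable cookie into the POST body, where it can end up in request logs; it may mirror the existing autosave request, which is not visible in these hunks, but the browser already sends the cookie header to a same-origin endpoint.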


@ -18,7 +18,7 @@ class WP_Scripts {
$this->add( 'tiny_mce', '/wp-includes/js/tinymce/tiny_mce_gzip.php', false, '04162006' ); $this->add( 'tiny_mce', '/wp-includes/js/tinymce/tiny_mce_gzip.php', false, '04162006' );
$this->add( 'wp_tiny_mce', '/wp-includes/js/tinymce/tiny_mce_config.php', array('tiny_mce'), '04162006' ); $this->add( 'wp_tiny_mce', '/wp-includes/js/tinymce/tiny_mce_config.php', array('tiny_mce'), '04162006' );
$this->add( 'prototype', '/wp-includes/js/prototype.js', false, '1.5.0'); $this->add( 'prototype', '/wp-includes/js/prototype.js', false, '1.5.0');
$this->add( 'autosave', '/wp-includes/js/autosave.js.php', array('prototype', 'sack'), '4080'); $this->add( 'autosave', '/wp-includes/js/autosave.js.php', array('prototype', 'sack'), '4086');
if ( is_admin() ) { if ( is_admin() ) {
$this->add( 'dbx-admin-key', '/wp-admin/dbx-admin-key-js.php', array('dbx'), '3651' ); $this->add( 'dbx-admin-key', '/wp-admin/dbx-admin-key-js.php', array('dbx'), '3651' );
$this->add( 'listman', '/wp-admin/list-manipulation-js.php', array('sack', 'fat'), '4042' ); // Make changeset # the correct one $this->add( 'listman', '/wp-admin/list-manipulation-js.php', array('sack', 'fat'), '4042' ); // Make changeset # the correct one