root/branches/2.0/wp-admin/edit-form-comment.php

Revision 5550, 4.8 kB (checked in by markjaquith, 1 year ago)

attribute_escape()s and int casts for 2.0.x: see #4333

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
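<?php
/**
 * Edit-comment form template.
 *
 * Uses $comment and $user_ID, neither of which is defined in this file
 * (presumably set by the including admin script), and opens the form that
 * posts back to post.php.
 */
$submitbutton_text = __('Edit Comment &raquo;');
$toprow_title = sprintf(__('Editing Comment # %s'), $comment->comment_ID);
$form_action = 'editedcomment';
// $form_extra is echoed right after $form_action inside the single-quoted
// value attribute of the hidden "action" input below. It deliberately closes
// that attribute and tag, emits a complete comment_ID input, and leaves the
// comment_post_ID value open so the template's closing "' />" finishes it.
// Because these values land in raw markup, both IDs are cast to int, matching
// the (int) cast already applied to $user_ID.
$form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . (int) $comment->comment_ID . "' />\n<input type='hidden' name='comment_post_ID' value='" . (int) $comment->comment_post_ID;
?>

<form name="post" action="post.php" method="post" id="post">
<?php // The nonce action string includes the comment ID, so the token is tied to this one comment. ?>
<?php wp_nonce_field('update-comment_' . $comment->comment_ID) ?>
<div class="wrap">
<input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" />
<input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />
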
<script type="text/javascript">
// Moves keyboard focus to the control reached as document.post.name
// (presumably the author input with id="name" further down the form).
function focusit() { // focus on first input field
    document.post.name.focus();
}
// addLoadEvent() is not defined in this file; it is handed focusit as a callback.
addLoadEvent(focusit);
</script>
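<?php
// Author name, e-mail and URI fields. Each stored value goes through
// attribute_escape() before being written into a double-quoted value
// attribute. The URI input originally carried two id attributes
// (newcomment_author_url and URL); only the first is kept, which is the one
// the script in this file looks up with getElementById().
?>
<fieldset id="namediv">
    <legend><?php _e('Name:') ?></legend>
    <div>
      <input type="text" name="newcomment_author" size="22" value="<?php echo attribute_escape($comment->comment_author); ?>" tabindex="1" id="name" />
    </div>
</fieldset>
<fieldset id="emaildiv">
        <legend><?php _e('E-mail:') ?></legend>
        <div>
          <input type="text" name="newcomment_author_email" size="30" value="<?php echo attribute_escape($comment->comment_author_email); ?>" tabindex="2" id="email" />
    </div>
</fieldset>
<fieldset id="uridiv">
        <legend><?php _e('URI:') ?></legend>
        <div>
          <input type="text" id="newcomment_author_url" name="newcomment_author_url" size="35" value="<?php echo attribute_escape($comment->comment_author_url); ?>" tabindex="3" />
    </div>
</fieldset>
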
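<fieldset style="clear: both;">
        <legend><?php _e('Comment') ?></legend>
<?php the_quicktags(); ?>

<?php
 // The option value is cast to int before the range check, so only a plain
 // number can reach the rows attribute. Without the cast, a stored value such
 // as "5abc" compares as 5, passes the check and is echoed verbatim.
 $rows = (int) get_settings('default_post_edit_rows');
 if (($rows < 3) || ($rows > 100)) {
     $rows = 10;
 }
 // NOTE(review): in the non-rich-edit branch below, comment_content is echoed
 // into the <textarea> without escaping in this file. Confirm that the caller
 // has already HTML-escaped it for editing; if not, it needs escaping here.
?>
<div><textarea title="true" rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="4" id="content" style="width: 99%"><?php echo user_can_richedit() ? wp_richedit_pre($comment->comment_content) : $comment->comment_content; ?></textarea></div>
</fieldset>
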
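<script type="text/javascript">
<!--
edCanvas = document.getElementById('content');
<?php if ( user_can_richedit() ) : ?>
// This code is meant to allow tabbing from Author URL to Post (TinyMCE).
// The original listing repeated the same handler body for both branches and
// tested e.controlKey, which is not an event property (the real one is
// ctrlKey), so Ctrl+Tab was never excluded. One shared handler is used now.
(function () {
    var urlField = document.getElementById('newcomment_author_url');

    var tabIntoEditor = function (e) {
        e = e ? e : window.event;
        // Only an unmodified Tab key press is redirected into the editor.
        if (e.keyCode == 9 && !e.shiftKey && !e.ctrlKey && !e.altKey) {
            var i = tinyMCE.selectedInstance;
            if (typeof i == 'undefined')
                return true;
            tinyMCE.execCommand("mceStartTyping");
            this.blur();
            i.contentWindow.focus();
            e.returnValue = false;
            return false;
        }
    };

    // As in the original: MSIE gets the handler on keydown, other browsers on keypress.
    if ( tinyMCE.isMSIE )
        urlField.onkeydown = tabIntoEditor;
    else
        urlField.onkeypress = tabIntoEditor;
})();
<?php endif; ?>
//-->
</script>
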
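<p class="submit"><input type="submit" name="editcomment" id="editcomment" value="<?php echo $submitbutton_text ?>" style="font-weight: bold;" tabindex="6" />
<?php
// wp_get_referer() returns a value taken from the incoming request, so it is
// passed through attribute_escape() before being written into the value
// attribute, like the other request- or user-supplied values in this form.
?>
  <input name="referredby" type="hidden" id="referredby" value="<?php echo attribute_escape(wp_get_referer()); ?>" />
</p>

</div>
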
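<div class="wrap">
<h2><?php _e('Advanced'); ?></h2>

<table width="100%" cellspacing="2" cellpadding="5" class="editform">
    <tr>
        <th scope="row" valign="top"><?php _e('Comment Status') ?>:</th>
        <td><label for="comment_status_approved" class="selectit"><input id="comment_status_approved" name="comment_status" type="radio" value="1" <?php checked($comment->comment_approved, '1'); ?> /> <?php _e('Approved') ?></label><br />
      <label for="comment_status_moderated" class="selectit"><input id="comment_status_moderated" name="comment_status" type="radio" value="0" <?php checked($comment->comment_approved, '0'); ?> /> <?php _e('Moderated') ?></label><br />
      <label for="comment_status_spam" class="selectit"><input id="comment_status_spam" name="comment_status" type="radio" value="spam" <?php checked($comment->comment_approved, 'spam'); ?> /> <?php _e('Spam') ?></label></td>
    </tr>

<?php // The edit-time row is rendered only for users with the edit_posts capability. ?>
<?php if ( current_user_can('edit_posts') ) : ?>
    <tr>
        <th scope="row"><?php _e('Edit time'); ?>:</th>
        <td><?php touch_time(('editcomment' == $action), 0); ?></td>
    </tr>
<?php endif; ?>

    <tr>
        <th scope="row"><?php _e('Delete'); ?>:</th>
<?php // Both IDs are cast to int before they are placed in the href, matching the (int) cast used for $user_ID at the top of the form. ?>
        <td><p><a class="delete" href="post.php?action=confirmdeletecomment&amp;noredir=true&amp;comment=<?php echo (int) $comment->comment_ID; ?>&amp;p=<?php echo (int) $comment->comment_post_ID; ?>"><?php _e('Delete comment') ?></a></p></td>
    </tr>
</table>

</div>

</form>
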