link-manager.php

Revision 4656, 15.0 kB (checked in by markjaquith, 2 years ago)
new function for escaping within attributes: attribute_escape()
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`

Line
1	<?php
2	// Links
3	// Copyright (C) 2002, 2003 Mike Little -- mike@zed1.com
4
5	require_once('admin.php');
6
7	$title = __('Manage Links');
8	$this_file = $parent_file = 'link-manager.php';
9	$list_js = true;
10
11	$wpvarstoreset = array('action','cat_id', 'linkurl', 'name', 'image',
12	'description', 'visible', 'target', 'category', 'link_id',
13	'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel',
14	'notes', 'linkcheck[]');
15
16	for ($i=0; $i<count($wpvarstoreset); $i += 1) {
17	$wpvar = $wpvarstoreset[$i];
18	if (!isset($$wpvar)) {
19	if (empty($_POST["$wpvar"])) {
20	if (empty($_GET["$wpvar"])) {
21	$$wpvar = '';
22	} else {
23	$$wpvar = $_GET["$wpvar"];
24	}
25	} else {
26	$$wpvar = $_POST["$wpvar"];
27	}
28	}
29	}
30
31	$links_show_cat_id = $_COOKIE['links_show_cat_id_' . COOKIEHASH];
32	$links_show_order = $_COOKIE['links_show_order_' . COOKIEHASH];
33
34	if ('' != $_POST['assign']) $action = 'assign';
35	if ('' != $_POST['visibility']) $action = 'visibility';
36	if ('' != $_POST['move']) $action = 'move';
37	if ('' != $_POST['linkcheck']) $linkcheck = $_POST[linkcheck];
38
39	switch ($action) {
40	case 'assign':
41	{
42	check_admin_referer('bulk-bookmarks');
43
44	// check the current user's level first.
45	if ( !current_user_can('manage_links') )
46	die (__("Cheatin' uh ?"));
47
48	//for each link id (in $linkcheck[]): if the current user level >= the
49	//userlevel of the owner of the link then we can proceed.
50
51	if (count($linkcheck) == 0) {
52	wp_redirect($this_file);
53	exit;
54	}
55	$all_links = join(',', $linkcheck);
56	$results = $wpdb->get_results("SELECT link_id, link_owner FROM $wpdb->links LEFT JOIN $wpdb->users ON link_owner = ID WHERE link_id in ($all_links)");
57	foreach ($results as $row) {
58	$ids_to_change[] = $row->link_id;
59	}
60
61	// should now have an array of links we can change
62	$all_links = join(',', $ids_to_change);
63	$q = $wpdb->query("update $wpdb->links SET link_owner='$newowner' WHERE link_id IN ($all_links)");
64
65	wp_redirect($this_file);
66	exit;
67	break;
68	}
69	case 'visibility':
70	{
71	check_admin_referer('bulk-bookmarks');
72
73	// check the current user's level first.
74	if ( !current_user_can('manage_links') )
75	die (__("Cheatin' uh ?"));
76
77	//for each link id (in $linkcheck[]): toggle the visibility
78	if (count($linkcheck) == 0) {
79	wp_redirect($this_file);
80	exit;
81	}
82	$all_links = join(',', $linkcheck);
83	$results = $wpdb->get_results("SELECT link_id, link_visible FROM $wpdb->links WHERE link_id in ($all_links)");
84	foreach ($results as $row) {
85	if ($row->link_visible == 'Y') { // ok to proceed
86	$ids_to_turnoff[] = $row->link_id;
87	} else {
88	$ids_to_turnon[] = $row->link_id;
89	}
90	}
91
92	// should now have two arrays of links to change
93	if (count($ids_to_turnoff)) {
94	$all_linksoff = join(',', $ids_to_turnoff);
95	$q = $wpdb->query("update $wpdb->links SET link_visible='N' WHERE link_id IN ($all_linksoff)");
96	}
97
98	if (count($ids_to_turnon)) {
99	$all_linkson = join(',', $ids_to_turnon);
100	$q = $wpdb->query("update $wpdb->links SET link_visible='Y' WHERE link_id IN ($all_linkson)");
101	}
102
103	wp_redirect($this_file);
104	exit;
105	break;
106	}
107	case 'move':
108	{
109	check_admin_referer('bulk-bookmarks');
110
111	// check the current user's level first.
112	if ( !current_user_can('manage_links') )
113	die (__("Cheatin' uh ?"));
114
115	//for each link id (in $linkcheck[]) change category to selected value
116	if (count($linkcheck) == 0) {
117	wp_redirect($this_file);
118	exit;
119	}
120	$all_links = join(',', $linkcheck);
121	// should now have an array of links we can change
122	$q = $wpdb->query("update $wpdb->links SET link_category='$category' WHERE link_id IN ($all_links)");
123
124	wp_redirect($this_file);
125	exit();
126	break;
127	}
128
129	case 'Add':
130	{
131	check_admin_referer('add-bookmark');
132
133	add_link();
134
135	wp_redirect(wp_get_referer() . '?added=true');
136	exit;
137	break;
138	} // end Add
139
140	case 'editlink':
141	{
142	$link_id = (int) $_POST['link_id'];
143	check_admin_referer('update-bookmark_' . $link_id);
144
145	if (isset($links_show_cat_id) && ($links_show_cat_id != ''))
146	$cat_id = $links_show_cat_id;
147
148	if (!isset($cat_id) \|\| ($cat_id == '')) {
149	if (!isset($links_show_cat_id) \|\| ($links_show_cat_id == ''))
150	$cat_id = 'All';
151	}
152	$links_show_cat_id = $cat_id;
153
154	edit_link($link_id);
155
156	setcookie('links_show_cat_id_' . COOKIEHASH, $links_show_cat_id, time()+600);
157	wp_redirect($this_file);
158	exit;
159	break;
160	} // end Save
161
162	case 'delete':
163	{
164	$link_id = (int) $_GET['link_id'];
165	check_admin_referer('delete-bookmark_' . $link_id);
166
167	if ( !current_user_can('manage_links') )
168	die (__("Cheatin' uh ?"));
169
170	wp_delete_link($link_id);
171
172	if (isset($links_show_cat_id) && ($links_show_cat_id != ''))
173	$cat_id = $links_show_cat_id;
174
175	if (!isset($cat_id) \|\| ($cat_id == '')) {
176	if (!isset($links_show_cat_id) \|\| ($links_show_cat_id == ''))
177	$cat_id = 'All';
178	}
179	$links_show_cat_id = $cat_id;
180	setcookie('links_show_cat_id_' . COOKIEHASH, $links_show_cat_id, time()+600);
181	wp_redirect($this_file);
182	exit;
183	break;
184	} // end Delete
185
186	case 'linkedit': {
187	$xfn_js = true;
188	include_once ('admin-header.php');
189	if ( !current_user_can('manage_links') )
190	die(__('You do not have sufficient permissions to edit the links for this blog.'));
191
192	$link_id = (int) $_GET['link_id'];
193
194	if ( !$link = get_link_to_edit($link_id) )
195	die( __('Link not found.') );
196
197	include('edit-link-form.php');
198	break;
199	} // end linkedit
200	case __("Show"):
201	{
202	if (!isset($cat_id) \|\| ($cat_id == '')) {
203	if (!isset($links_show_cat_id) \|\| ($links_show_cat_id == ''))
204	$cat_id = 'All';
205	}
206	$links_show_cat_id = $cat_id;
207	if (!isset($order_by) \|\| ($order_by == '')) {
208	if (!isset($links_show_order) \|\| ($links_show_order == ''))
209	$order_by = 'order_name';
210	}
211	$links_show_order = $order_by;
212	//break; fall through
213	} // end Show
214	case "popup":
215	{
216	$link_url = stripslashes($_GET["linkurl"]);
217	$link_name = stripslashes($_GET["name"]);
218	//break; fall through
219	}
220	default:
221	{
222	if (isset($links_show_cat_id) && ($links_show_cat_id != ''))
223	$cat_id = $links_show_cat_id;
224
225	if (!isset($cat_id) \|\| ($cat_id == '')) {
226	if (!isset($links_show_cat_id) \|\| ($links_show_cat_id == ''))
227	$cat_id = 'All';
228	}
229	$links_show_cat_id = $cat_id;
230	if (isset($links_show_order) && ($links_show_order != ''))
231	$order_by = $links_show_order;
232
233	if (!isset($order_by) \|\| ($order_by == ''))
234	$order_by = 'order_name';
235	$links_show_order = $order_by;
236
237	setcookie('links_show_cat_id_' . COOKIEHASH, $links_show_cat_id, time()+600);
238	setcookie('links_show_order_' . COOKIEHASH, $links_show_order, time()+600);
239	include_once ("./admin-header.php");
240	if ( !current_user_can('manage_links') )
241	die(__("You do not have sufficient permissions to edit the links for this blog."));
242
243	switch ($order_by)
244	{
245	case 'order_id': $sqlorderby = 'id'; break;
246	case 'order_url': $sqlorderby = 'url'; break;
247	case 'order_desc': $sqlorderby = 'description'; break;
248	case 'order_owner': $sqlorderby = 'owner'; break;
249	case 'order_rating': $sqlorderby = 'rating'; break;
250	case 'order_name':
251	default: $sqlorderby = 'name'; break;
252	}
253
254	if ($action != "popup") {
255	?>
256	<script type="text/javascript">
257	<!--
258	function checkAll(form)
259	{
260	for (i = 0, n = form.elements.length; i < n; i++) {
261	if(form.elements[i].type == "checkbox") {
262	if(form.elements[i].checked == true)
263	form.elements[i].checked = false;
264	else
265	form.elements[i].checked = true;
266	}
267	}
268	}
269	//-->
270	</script>
271
272	<div class="wrap">
273	<form name="cats" method="post" action="">
274	<table width="75%" cellpadding="3" cellspacing="3">
275	<tr>
276	<td>
277	<?php _e('<strong>Show</strong> links in category:'); ?><br />
278	</td>
279	<td>
280	<?php _e('<strong>Order</strong> by:');?>
281	</td>
282	<td> </td>
283	</tr>
284	<tr>
285	<td>
286	<?php
287	$results = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle FROM $wpdb->linkcategories ORDER BY cat_id");
288	echo " <select name=\"cat_id\">\n";
289	echo " <option value=\"All\"";
290	if ($cat_id == 'All')
291	echo " selected='selected'";
292	echo "> " . __('All') . "</option>\n";
293	foreach ($results as $row) {
294	echo " <option value=\"".$row->cat_id."\"";
295	if ($row->cat_id == $cat_id)
296	echo " selected='selected'";
297	echo ">".$row->cat_id.": ".wp_specialchars($row->cat_name);
298	if ($row->auto_toggle == 'Y')
299	echo ' '.__('(auto toggle)');
300	echo "</option>\n";
301	}
302	echo " </select>\n";
303	?>
304	</td>
305	<td>
306	<select name="order_by">
307	<option value="order_id" <?php if ($order_by == 'order_id') echo " selected='selected'";?>><?php _e('Link ID') ?></option>
308	<option value="order_name" <?php if ($order_by == 'order_name') echo " selected='selected'";?>><?php _e('Name') ?></option>
309	<option value="order_url" <?php if ($order_by == 'order_url') echo " selected='selected'";?>><?php _e('URI') ?></option>
310	<option value="order_desc" <?php if ($order_by == 'order_desc') echo " selected='selected'";?>><?php _e('Description') ?></option>
311	<option value="order_owner" <?php if ($order_by == 'order_owner') echo " selected='selected'";?>><?php _e('Owner') ?></option>
312	<option value="order_rating" <?php if ($order_by == 'order_rating') echo " selected='selected'";?>><?php _e('Rating') ?></option>
313	</select>
314	</td>
315	<td>
316	<input type="submit" name="action" value="<?php _e('Show') ?>" />
317	</td>
318	</tr>
319	</table>
320	</form>
321
322	</div>
323
324	<form name="links" id="links" method="post" action="">
325	<div class="wrap">
326
327	<?php wp_nonce_field('bulk-bookmarks') ?>
328	<input type="hidden" name="link_id" value="" />
329	<input type="hidden" name="action" value="" />
330	<input type="hidden" name="order_by" value="<?php echo attribute_escape($order_by); ?>" />
331	<input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
332	<table id="the-list-x" width="100%" cellpadding="3" cellspacing="3">
333	<tr>
334	<th width="15%"><?php _e('Name') ?></th>
335	<th><?php _e('URI') ?></th>
336	<th><?php _e('Category') ?></th>
337	<th><?php _e('rel') ?></th>
338	<th><?php _e('Image') ?></th>
339	<th><?php _e('Visible') ?></th>
340	<th colspan="2"><?php _e('Action') ?></th>
341	<th> </th>
342	</tr>
343	<?php
344	$sql = "SELECT link_url, link_name, link_image, link_description, link_visible,
345	link_category AS cat_id, cat_name AS category, $wpdb->users.user_login, link_id,
346	link_rating, link_rel
347	FROM $wpdb->links
348	LEFT JOIN $wpdb->linkcategories ON $wpdb->links.link_category = $wpdb->linkcategories.cat_id
349	LEFT JOIN $wpdb->users ON $wpdb->users.ID = $wpdb->links.link_owner ";
350
351	if (isset($cat_id) && ($cat_id != 'All')) {
352	$sql .= " WHERE link_category = $cat_id ";
353	}
354	$sql .= ' ORDER BY link_' . $sqlorderby;
355
356	// echo "$sql";
357	$links = $wpdb->get_results($sql);
358	if ($links) {
359	foreach ($links as $link) {
360	$link->link_name = attribute_escape($link->link_name);
361	$link->link_category = wp_specialchars($link->link_category);
362	$link->link_description = wp_specialchars($link->link_description);
363	$link->link_url = attribute_escape($link->link_url);
364	$short_url = str_replace('http://', '', $link->link_url);
365	$short_url = str_replace('www.', '', $short_url);
366	if ('/' == substr($short_url, -1))
367	$short_url = substr($short_url, 0, -1);
368	if (strlen($short_url) > 35)
369	$short_url = substr($short_url, 0, 32).'...';
370
371	$image = ($link->link_image != null) ? __('Yes') : __('No');
372	$visible = ($link->link_visible == 'Y') ? __('Yes') : __('No');
373	++$i;
374	$style = ($i % 2) ? '' : ' class="alternate"';
375	?>
376	<tr id="link-<?php echo $link->link_id; ?>" valign="middle" <?php echo $style; ?>>
377	<td><strong><?php echo $link->link_name; ?></strong><br />
378	<?php
379	echo sprintf(__('Description: %s'), $link->link_description) . "</td>";
380	echo "<td><a href=\"$link->link_url\" title=\"" . sprintf(__('Visit %s'), $link->link_name) . "\">$short_url</a></td>";
381	echo <<<LINKS
382	<td>$link->category</td>
383	<td>$link->link_rel</td>
384	<td align='center'>$image</td>
385	<td align='center'>$visible</td>
386	LINKS;
387	$show_buttons = 1; // default
388
389	if ($show_buttons) {
390	echo '<td><a href="link-manager.php?link_id=' . $link->link_id . '&action=linkedit" class="edit">' . __('Edit') . '</a></td>';
391	echo '<td><a href="' . wp_nonce_url('link-manager.php?link_id='.$link->link_id.'&action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." class='delete' onclick=\"return deleteSomething( 'link', $link->link_id , '".sprintf(__("You are about to delete the "%s" bookmark to %s.\\n"Cancel" to stop, "OK" to delete."), js_escape($link->link_name), js_escape($link->link_url)).'\' );">'.__('Delete').'</a></td>';
392	echo '<td><input type="checkbox" name="linkcheck[]" value="' . $link->link_id . '" /></td>';
393	} else {
394	echo "<td> </td><td> </td><td> </td>\n";
395	}
396
397	echo "\n </tr>\n";
398	}
399	}
400	?>
401	</table>
402
403	<div id="ajax-response"></div>
404
405	</div>
406
407	<div class="wrap">
408	<table width="100%" cellpadding="3" cellspacing="3">
409	<tr><th colspan="4"><?php _e('Manage Multiple Links:') ?></th></tr>
410	<tr><td colspan="4"><?php _e('Use the checkboxes on the right to select multiple links and choose an action below:') ?></td></tr>
411	<tr>
412	<td>
413	<?php _e('Assign ownership to:'); ?>
414	<?php
415	$results = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users ORDER BY ID");
416	echo " <select name=\"newowner\" size=\"1\">\n";
417	foreach ($results as $row) {
418	echo " <option value=\"".$row->ID."\"";
419	echo ">".$row->user_login;
420	echo "</option>\n";
421	}
422	echo " </select>\n";
423	?>
424	<input name="assign" type="submit" id="assign" value="<?php _e('Go') ?>" />
425	</td>
426	<td>
427	<input name="visibility" type="submit" id="visibility" value="<?php _e('Toggle Visibility') ?>" />
428	</td>
429	<td>
430	<?php _e('Move to category:'); link_category_dropdown('category'); ?> <input name="move" type="submit" id="move" value="<?php _e('Go') ?>" />
431	</td>
432	<td align="right">
433	<a href="#" onclick="checkAll(document.getElementById('links')); return false; "><?php _e('Toggle Checkboxes') ?></a>
434	</td>
435	</tr>
436	</table>
437
438	<?php
439	} // end if !popup
440	?>
441	</div>
442	</form>
443
444
445	<?php
446	break;
447	} // end default
448	} // end case
449	?>
450
451	<?php include('admin-footer.php'); ?>
452

Note: See TracBrowser for help on using the browser.

root/branches/2.0/wp-admin/link-manager.php

Download in other formats: