Changeset 1527904
- Timestamp:
- 11/04/2016 07:33:59 AM (9 years ago)
- Location:
- my-page-order/trunk
- Files:
-
- 2 edited
-
mypageorder.php (modified) (8 diffs)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
my-page-order/trunk/mypageorder.php
r1315212 r1527904 4 4 Plugin URI: http://www.geekyweekly.com/mypageorder 5 5 Description: My Page Order allows you to set the order of pages through a drag and drop interface. The default method of setting the order page by page is extremely clumsy, especially with a large number of pages. 6 Version: 4. 3.26 Version: 4.4.2 7 7 Author: Andrew Charlton 8 8 Author URI: http://www.geekyweekly.com … … 46 46 $success = ""; 47 47 48 current_user_can('edit_pages'); 49 48 50 if (isset($_POST)) { 49 if ( ! isset( $_POST['_nonce_my_page_order'] ) || ! wp_verify_nonce( $_POST['_nonce_my_page_order'], 'update' ) ) { 50 // exit; 51 } 52 51 53 52 if (isset($_POST['btnSubPages'])) { 54 $parentID = $_POST['pages'];53 $parentID = $_POST['pages']; 55 54 } 56 55 elseif (isset($_POST['hdnParentID'])) { … … 58 57 } 59 58 59 if(!is_numeric($parentID)) 60 return '<div id="message" class="error fade"><p>'. __('An error occured.', 'mypageorder').'</p></div>'; 61 60 62 if (isset($_POST['btnReturnParent'])) { 61 $parentsParent = $wpdb->get_row( $wpdb->prepare("SELECT post_parent FROM $wpdb->posts WHERE ID = %d ", $_POST['hdnParentID'] ), ARRAY_N); 63 $returnParentID = $_POST['hdnParentID']; 64 if(!is_numeric($returnParentID)) 65 return '<div id="message" class="error fade"><p>'. __('An error occured.', 'mypageorder').'</p></div>'; 66 67 $parentsParent = $wpdb->get_row( $wpdb->prepare("SELECT post_parent FROM $wpdb->posts WHERE ID = %d", $returnParentID), ARRAY_N); 62 68 $parentID = $parentsParent[0]; 63 69 } 64 65 if (isset($_POST['btnOrderPages'])) {70 elseif (isset($_POST['btnOrderPages'])) { 71 check_admin_referer('update_mypageorder_'.$parentID); 66 72 $success = mypageorder_updateOrder(); 67 73 } … … 73 79 <div class='wrap'> 74 80 <form name="frmMyPageOrder" method="post" action=""> 81 <?php wp_nonce_field('update_mypageorder_'.$parentID); ?> 75 82 <h2><?php _e('My Page Order', 'mypageorder') ?></h2> 76 83 <?php echo $success; ?> … … 110 117 <input type="hidden" id="hdnMyPageOrder" name="hdnMyPageOrder" /> 111 118 <input type="hidden" id="hdnParentID" name="hdnParentID" value="<?php echo $parentID; ?>" /> 112 <?php wp_nonce_field('update', '_nonce_my_page_order' ); ?>119 113 120 </form> 114 121 </div> … … 189 196 190 197 $hdnMyPageOrder = $_POST['hdnMyPageOrder']; 198 191 199 $IDs = explode(",", $hdnMyPageOrder); 192 200 $result = count($IDs); … … 195 203 { 196 204 $str = str_replace("id_", "", $IDs[$i]); 205 206 if(!is_numeric($str)) 207 return '<div id="message" class="error fade"><p>'. __('An error occured, order has not been saved.', 'mypageorder').'</p></div>'; 208 197 209 $wpdb->query($wpdb->prepare("UPDATE $wpdb->posts SET menu_order = %d WHERE id = %d ", $i, $str)); 198 210 } … … 201 213 } 202 214 else 203 return '<div id="message" class=" updatedfade"><p>'. __('An error occured, order has not been saved.', 'mypageorder').'</p></div>';215 return '<div id="message" class="error fade"><p>'. __('An error occured, order has not been saved.', 'mypageorder').'</p></div>'; 204 216 } 205 217 -
my-page-order/trunk/readme.txt
r1315214 r1527904 4 4 Tags: page, order, sidebar, widget 5 5 Requires at least: 2.8 6 Tested up to: 4. 3.27 Stable tag: 4. 3.26 Tested up to: 4.4.2 7 Stable tag: 4.4.2 8 8 9 9 My Page Order allows you to set the order of pages through a drag and drop interface. … … 18 18 19 19 == Change Log == 20 = 4.4.2 = 21 * Permission check and security improvement. 20 22 = 4.3 = 21 23 * PHP7 constructor update
Note: See TracChangeset
for help on using the changeset viewer.