| public ajax_update_posts ( $handler_vars ) |
public function ajax_update_posts($handler_vars)
{
Utils::check_request_method(array('POST'));
$response = new AjaxResponse();
$wsse = Utils::WSSE($_POST['nonce'], $_POST['timestamp']);
if ($_POST['digest'] != $wsse['digest']) {
$response->message = _t('WSSE authentication failed.');
$response->out();
return;
}
$ids = $_POST['selected'];
if (count($ids) == 0) {
$posts = new Posts();
} else {
$posts = Posts::get(array('id' => $ids, 'nolimit' => true));
}
Plugins::act('admin_update_posts', $_POST['action'], $posts, $this);
$status_msg = _t('Unknown action "%s"', array($_POST['action']));
switch ($_POST['action']) {
case 'delete':
$deleted = 0;
foreach ($posts as $post) {
if (ACL::access_check($post->get_access(), 'delete')) {
$post->delete();
$deleted++;
}
}
if ($deleted != count($posts)) {
$response->message = _t('You did not have permission to delete some posts.');
} else {
$response->message = sprintf(_n('Deleted %d post', 'Deleted %d posts', count($ids)), count($ids));
}
break;
default:
// Specific plugin-supplied action
Plugins::act('admin_posts_action', $response, $_POST['action'], $posts);
break;
}
$response->out();
exit;
}