<?php
// look up for the path
require_once('../../../../../../wp-config.php');
// check for rights
if ( !is_user_logged_in() && current_user_can('edit_posts') )
wp_die(__("You are not allowed to be here"));
$ajax_nonce = wp_create_nonce("nonce");
// more php blablabla ...
add_action('wp_ajax_my_action', 'add_post_meta_bs');
function add_post_meta_bs() {
global $wpdb;
check_ajax_referer('nonce', $_POST['security'], true);
add_post_meta((int)$_POST['post_id'], $_POST['key'], $_POST['val'], $_POST['unique']);
die();
}
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Bildstrecke</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<script language="javascript" type="text/javascript" src="<?php echo get_option('siteurl') ?>/wp-includes/js/tinymce/tiny_mce_popup.js"></script>
<script language="javascript" type="text/javascript" src="<?php echo get_option('siteurl') ?>/wp-includes/js/tinymce/utils/mctabs.js"></script>
<script language="javascript" type="text/javascript" src="<?php echo get_option('siteurl') ?>/wp-includes/js/tinymce/utils/form_utils.js"></script>
<script type="text/javascript" src="<?php echo get_option('siteurl') ?>/wp-admin/load-scripts.php?c=1&load=jquery,utils,jquery-ui-core,jquery-ui-widget,jquery-ui-mouse,jquery-ui-sortable&ver=<?php bloginfo('version') ?>"></script>
<script type="text/javascript">
function ajaxSubmit(id, argstring) {
jQuery.post("../../../../../../wp-admin/admin-ajax.php", {
action: 'wp_ajax_my_action',
post_id: id,
key: 'bildstrecke',
val: 'true',
unique: 'true',
security: '<?php echo $ajax_nonce ?>'
}).success(function() {
window.tinyMCE.execInstanceCommand('content', 'mceInsertContent', false, "[bildstrecke imgs=\""+argstring+"\"]");
tinyMCEPopup.editor.execCommand('mceRepaint');
tinyMCEPopup.close();
}).error(function(e) {
console.log(e)
});
return false;
}
// more js...
jQuery(document).ready(function($) {
// js blablabla...
$("#enter").click(function() {
if(window.tinyMCE) {
// more js determining post_id, idstring...
ajaxSubmit(post_id, idstring);
}
})
});
</script>
</head>
<body>...</body>
</html>