|
1
|
1 |
<?php |
|
|
2 |
/** |
|
|
3 |
* Accepts file uploads from swfupload or other asynchronous upload methods. |
|
|
4 |
* |
|
|
5 |
* @package WordPress |
|
|
6 |
* @subpackage Administration |
|
|
7 |
*/ |
|
|
8 |
|
|
|
9 |
define('WP_ADMIN', true); |
|
|
10 |
|
|
|
11 |
if ( defined('ABSPATH') ) |
|
|
12 |
require_once(ABSPATH . 'wp-load.php'); |
|
|
13 |
else |
|
|
14 |
require_once('../wp-load.php'); |
|
|
15 |
|
|
|
16 |
// Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead |
|
|
17 |
if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) ) |
|
|
18 |
$_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie']; |
|
|
19 |
elseif ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) ) |
|
|
20 |
$_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie']; |
|
|
21 |
if ( empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie']) ) |
|
|
22 |
$_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie']; |
|
|
23 |
unset($current_user); |
|
|
24 |
require_once('admin.php'); |
|
|
25 |
|
|
|
26 |
header('Content-Type: text/plain; charset=' . get_option('blog_charset')); |
|
|
27 |
|
|
|
28 |
if ( !current_user_can('upload_files') ) |
|
|
29 |
wp_die(__('You do not have permission to upload files.')); |
|
|
30 |
|
|
|
31 |
// just fetch the detail form for that attachment |
|
|
32 |
if ( isset($_REQUEST['attachment_id']) && ($id = intval($_REQUEST['attachment_id'])) && $_REQUEST['fetch'] ) { |
|
|
33 |
if ( 2 == $_REQUEST['fetch'] ) { |
|
|
34 |
add_filter('attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2); |
|
|
35 |
echo get_media_item($id, array( 'send' => false, 'delete' => true )); |
|
|
36 |
} else { |
|
|
37 |
add_filter('attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2); |
|
|
38 |
echo get_media_item($id); |
|
|
39 |
} |
|
|
40 |
exit; |
|
|
41 |
} |
|
|
42 |
|
|
|
43 |
check_admin_referer('media-form'); |
|
|
44 |
|
|
|
45 |
$id = media_handle_upload('async-upload', $_REQUEST['post_id']); |
|
|
46 |
if (is_wp_error($id)) { |
|
|
47 |
echo '<div id="media-upload-error">'.esc_html($id->get_error_message()).'</div>'; |
|
|
48 |
exit; |
|
|
49 |
} |
|
|
50 |
|
|
|
51 |
if ( $_REQUEST['short'] ) { |
|
|
52 |
// short form response - attachment ID only |
|
|
53 |
echo $id; |
|
|
54 |
} |
|
|
55 |
else { |
|
|
56 |
// long form response - big chunk o html |
|
|
57 |
$type = $_REQUEST['type']; |
|
|
58 |
echo apply_filters("async_upload_{$type}", $id); |
|
|
59 |
} |
|
|
60 |
|
|
|
61 |
?> |