enmi-conf.org: wp/wp-admin/async-upload.php@d970ebf37754 (annotated)

0 d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	2	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	3	* Accepts file uploads from swfupload or other asynchronous upload methods.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	4	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	5	* @package WordPress
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	6	* @subpackage Administration
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	7	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	8
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	9	define('WP_ADMIN', true);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	10
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	11	if ( defined('ABSPATH') )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	12	require_once(ABSPATH . 'wp-load.php');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	13	else
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	14	require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	15
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	16	if ( ! ( isset( $_REQUEST['action'] ) && 'upload-attachment' == $_REQUEST['action'] ) ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	17	// Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	18	if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	19	$_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	20	elseif ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	21	$_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie'];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	22	if ( empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie']) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	23	$_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie'];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	24	unset($current_user);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	25	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	26
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	27	require_once( ABSPATH . 'wp-admin/admin.php' );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	28
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	29	if ( !current_user_can('upload_files') )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	30	wp_die(__('You do not have permission to upload files.'));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	31
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	32	header('Content-Type: text/html; charset=' . get_option('blog_charset'));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	33
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	34	if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	35	define( 'DOING_AJAX', true );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	36	include ABSPATH . 'wp-admin/includes/ajax-actions.php';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	37
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	38	send_nosniff_header();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	39	nocache_headers();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	40
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	41	wp_ajax_upload_attachment();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	42	die( '0' );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	43	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	44
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	45	// just fetch the detail form for that attachment
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	46	if ( isset($_REQUEST['attachment_id']) && ($id = intval($_REQUEST['attachment_id'])) && $_REQUEST['fetch'] ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	47	$post = get_post( $id );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	48	if ( 'attachment' != $post->post_type )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	49	wp_die( __( 'Unknown post type.' ) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	50	if ( ! current_user_can( 'edit_post', $id ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	51	wp_die( __( 'You are not allowed to edit this item.' ) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	52
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	53	switch ( $_REQUEST['fetch'] ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	54	case 3 :
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	55	if ( $thumb_url = wp_get_attachment_image_src( $id, 'thumbnail', true ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	56	echo '<img class="pinkynail" src="' . esc_url( $thumb_url[0] ) . '" alt="" />';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	57	echo '<a class="edit-attachment" href="' . esc_url( get_edit_post_link( $id ) ) . '" target="_blank">' . _x( 'Edit', 'media item' ) . '</a>';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	58	$title = $post->post_title ? $post->post_title : wp_basename( $post->guid ); // title shouldn't ever be empty, but use filename just in cas.e
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	59	echo '<div class="filename new"><span class="title">' . esc_html( wp_html_excerpt( $title, 60, '…' ) ) . '</span></div>';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	60	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	61	case 2 :
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	62	add_filter('attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	63	echo get_media_item($id, array( 'send' => false, 'delete' => true ));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	64	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	65	default:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	66	add_filter('attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	67	echo get_media_item($id);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	68	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	69	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	70	exit;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	71	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	72
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	73	check_admin_referer('media-form');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	74
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	75	$post_id = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	76	if ( isset( $_REQUEST['post_id'] ) ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	77	$post_id = absint( $_REQUEST['post_id'] );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	78	if ( ! get_post( $post_id ) \|\| ! current_user_can( 'edit_post', $post_id ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	79	$post_id = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	80	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	81
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	82	$id = media_handle_upload( 'async-upload', $post_id );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	83	if ( is_wp_error($id) ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	84	echo '<div class="error-div">
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	85	<a class="dismiss" href="#" onclick="jQuery(this).parents(\'div.media-item\').slideUp(200, function(){jQuery(this).remove();});">' . __('Dismiss') . '</a>
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	86	<strong>' . sprintf(__('“%s” has failed to upload due to an error'), esc_html($_FILES['async-upload']['name']) ) . '</strong><br />' .
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	87	esc_html($id->get_error_message()) . '</div>';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	88	exit;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	89	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	90
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	91	if ( $_REQUEST['short'] ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	92	// short form response - attachment ID only
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	93	echo $id;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	94	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	95	// long form response - big chunk o html
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	96	$type = $_REQUEST['type'];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	97	echo apply_filters("async_upload_{$type}", $id);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	98	}

author	ymh <ymh.work@gmail.com>
	Wed, 06 Nov 2013 03:21:17 +0000
changeset 0	d970ebf37754
child 5	5e2f62d02dcd
permissions	-rw-r--r--