Mercurial Mercurial > enmi-conf.org / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
wp/wp-admin/async-upload.php
changeset 7 cf61fcea0001
parent 5 5e2f62d02dcd
child 9 177826044cd9
equal deleted inserted replaced
6:490d5cc509ed 7:cf61fcea0001 
     1 <?php
 
     1 <?php
 
     2 /**
 
     2 /**
 
     3  * Server-side file upload handler from wp-plupload, swfupload or other asynchronous upload methods.
 
     3  * Server-side file upload handler from wp-plupload or other asynchronous upload methods.
 
     4  *
 
     4  *
 
     5  * @package WordPress
 
     5  * @package WordPress
 
     6  * @subpackage Administration
 
     6  * @subpackage Administration
 
     7  */
 
     7  */
 
     8 
     8 
    12 
    12 
    13 if ( ! defined( 'WP_ADMIN' ) ) {
 
    13 if ( ! defined( 'WP_ADMIN' ) ) {
 
    14 	define( 'WP_ADMIN', true );
 
    14 	define( 'WP_ADMIN', true );
 
    15 }
 
    15 }
 
    16 
    16 
    17 if ( defined('ABSPATH') )
 
    17 if ( defined( 'ABSPATH' ) ) {
 
    18 	require_once(ABSPATH . 'wp-load.php');
 
    18 	require_once( ABSPATH . 'wp-load.php' );
 
    19 else
 
    19 } else {
 
    20 	require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
 
    20 	require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
 
    21 
       
    22 if ( ! ( isset( $_REQUEST['action'] ) && 'upload-attachment' == $_REQUEST['action'] ) ) {
 
       
    23 	// Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead
 
       
    24 	if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
 
       
    25 		$_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
 
       
    26 	elseif ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
 
       
    27 		$_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie'];
 
       
    28 	if ( empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie']) )
 
       
    29 		$_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie'];
 
       
    30 	unset($current_user);
 
       
    31 }
 
    21 }
 
    32 
    22 
    33 require_once( ABSPATH . 'wp-admin/admin.php' );
 
    23 require_once( ABSPATH . 'wp-admin/admin.php' );
 
    34 
    24 
    35 header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
 
    25 header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
 
    43 	wp_ajax_upload_attachment();
 
    33 	wp_ajax_upload_attachment();
 
    44 	die( '0' );
 
    34 	die( '0' );
 
    45 }
 
    35 }
 
    46 
    36 
    47 if ( ! current_user_can( 'upload_files' ) ) {
 
    37 if ( ! current_user_can( 'upload_files' ) ) {
 
    48 	wp_die( __( 'You do not have permission to upload files.' ) );
 
    38 	wp_die( __( 'Sorry, you are not allowed to upload files.' ) );
 
    49 }
 
    39 }
 
    50 
    40 
    51 // just fetch the detail form for that attachment
 
    41 // just fetch the detail form for that attachment
 
    52 if ( isset($_REQUEST['attachment_id']) && ($id = intval($_REQUEST['attachment_id'])) && $_REQUEST['fetch'] ) {
 
    42 if ( isset($_REQUEST['attachment_id']) && ($id = intval($_REQUEST['attachment_id'])) && $_REQUEST['fetch'] ) {
 
    53 	$post = get_post( $id );
 
    43 	$post = get_post( $id );
 
    54 	if ( 'attachment' != $post->post_type )
 
    44 	if ( 'attachment' != $post->post_type )
 
    55 		wp_die( __( 'Unknown post type.' ) );
 
    45 		wp_die( __( 'Invalid post type.' ) );
 
    56 	if ( ! current_user_can( 'edit_post', $id ) )
 
    46 	if ( ! current_user_can( 'edit_post', $id ) )
 
    57 		wp_die( __( 'You are not allowed to edit this item.' ) );
 
    47 		wp_die( __( 'Sorry, you are not allowed to edit this item.' ) );
 
    58 
    48 
    59 	switch ( $_REQUEST['fetch'] ) {
 
    49 	switch ( $_REQUEST['fetch'] ) {
 
    60 		case 3 :
 
    50 		case 3 :
 
    61 			if ( $thumb_url = wp_get_attachment_image_src( $id, 'thumbnail', true ) )
 
    51 			if ( $thumb_url = wp_get_attachment_image_src( $id, 'thumbnail', true ) )
 
    62 				echo '<img class="pinkynail" src="' . esc_url( $thumb_url[0] ) . '" alt="" />';
 
    52 				echo '<img class="pinkynail" src="' . esc_url( $thumb_url[0] ) . '" alt="" />';
 
    63 			echo '<a class="edit-attachment" href="' . esc_url( get_edit_post_link( $id ) ) . '" target="_blank">' . _x( 'Edit', 'media item' ) . '</a>';
 
    53 			echo '<a class="edit-attachment" href="' . esc_url( get_edit_post_link( $id ) ) . '" target="_blank">' . _x( 'Edit', 'media item' ) . '</a>';
 
    64 			$title = $post->post_title ? $post->post_title : wp_basename( $post->guid ); // title shouldn't ever be empty, but use filename just in cas.e
 
    54 
       
    55 			// Title shouldn't ever be empty, but use filename just in case.
 
       
    56 			$file = get_attached_file( $post->ID );
 
       
    57 			$title = $post->post_title ? $post->post_title : wp_basename( $file );
 
    65 			echo '<div class="filename new"><span class="title">' . esc_html( wp_html_excerpt( $title, 60, '&hellip;' ) ) . '</span></div>';
 
    58 			echo '<div class="filename new"><span class="title">' . esc_html( wp_html_excerpt( $title, 60, '&hellip;' ) ) . '</span></div>';
 
    66 			break;
 
    59 			break;
 
    67 		case 2 :
 
    60 		case 2 :
 
    68 			add_filter('attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2);
 
    61 			add_filter('attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2);
 
    69 			echo get_media_item($id, array( 'send' => false, 'delete' => true ));
 
    62 			echo get_media_item($id, array( 'send' => false, 'delete' => true ));
 
    87 
    80 
    88 $id = media_handle_upload( 'async-upload', $post_id );
 
    81 $id = media_handle_upload( 'async-upload', $post_id );
 
    89 if ( is_wp_error($id) ) {
 
    82 if ( is_wp_error($id) ) {
 
    90 	echo '<div class="error-div error">
 
    83 	echo '<div class="error-div error">
 
    91 	<a class="dismiss" href="#" onclick="jQuery(this).parents(\'div.media-item\').slideUp(200, function(){jQuery(this).remove();});">' . __('Dismiss') . '</a>
 
    84 	<a class="dismiss" href="#" onclick="jQuery(this).parents(\'div.media-item\').slideUp(200, function(){jQuery(this).remove();});">' . __('Dismiss') . '</a>
 
    92 	<strong>' . sprintf(__('&#8220;%s&#8221; has failed to upload due to an error'), esc_html($_FILES['async-upload']['name']) ) . '</strong><br />' .
 
    85 	<strong>' . sprintf(__('&#8220;%s&#8221; has failed to upload.'), esc_html($_FILES['async-upload']['name']) ) . '</strong><br />' .
 
    93 	esc_html($id->get_error_message()) . '</div>';
 
    86 	esc_html($id->get_error_message()) . '</div>';
 
    94 	exit;
 
    87 	exit;
 
    95 }
 
    88 }
 
    96 
    89 
    97 if ( $_REQUEST['short'] ) {
 
    90 if ( $_REQUEST['short'] ) {
 
   100 } else {
 
    93 } else {
 
   101 	// Long form response - big chunk o html.
 
    94 	// Long form response - big chunk o html.
 
   102 	$type = $_REQUEST['type'];
 
    95 	$type = $_REQUEST['type'];
 
   103 
    96 
   104 	/**
 
    97 	/**
 
   105 	 * Filter the returned ID of an uploaded attachment.
 
    98 	 * Filters the returned ID of an uploaded attachment.
 
   106 	 *
 
    99 	 *
 
   107 	 * The dynamic portion of the hook name, `$type`, refers to the attachment type,
 
   100 	 * The dynamic portion of the hook name, `$type`, refers to the attachment type,
 
   108 	 * such as 'image', 'audio', 'video', 'file', etc.
 
   101 	 * such as 'image', 'audio', 'video', 'file', etc.
 
   109 	 *
 
   102 	 *
 
   110 	 * @since 2.5.0
 
   103 	 * @since 2.5.0
enmi-conf.org