diff -r f507feede89a -r 09a1c134465b web/wp-admin/async-upload.php
--- a/web/wp-admin/async-upload.php Wed Dec 19 12:35:13 2012 -0800
+++ b/web/wp-admin/async-upload.php Wed Dec 19 17:46:52 2012 -0800
@@ -13,20 +13,34 @@
else
require_once('../wp-load.php');
-// Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead
-if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
- $_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
-elseif ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
- $_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie'];
-if ( empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie']) )
- $_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie'];
-unset($current_user);
+if ( ! ( isset( $_REQUEST['action'] ) && 'upload-attachment' == $_REQUEST['action'] ) ) {
+ // Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead
+ if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
+ $_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
+ elseif ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
+ $_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie'];
+ if ( empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie']) )
+ $_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie'];
+ unset($current_user);
+}
+
require_once('./admin.php');
+if ( !current_user_can('upload_files') )
+ wp_die(__('You do not have permission to upload files.'));
+
header('Content-Type: text/html; charset=' . get_option('blog_charset'));
-if ( !current_user_can('upload_files') )
- wp_die(__('You do not have permission to upload files.'));
+if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) {
+ define( 'DOING_AJAX', true );
+ include ABSPATH . 'wp-admin/includes/ajax-actions.php';
+
+ send_nosniff_header();
+ nocache_headers();
+
+ wp_ajax_upload_attachment();
+ die( '0' );
+}
// just fetch the detail form for that attachment
if ( isset($_REQUEST['attachment_id']) && ($id = intval($_REQUEST['attachment_id'])) && $_REQUEST['fetch'] ) {
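Review bot: The two tests for the `upload-attachment` action are written differently: loose `==` on the guard that skips the request-supplied cookie fallback, strict `===` on the branch that dispatches to `wp_ajax_upload_attachment()`. Because the first test decides whether `auth_cookie`/`logged_in_cookie` taken from `$_REQUEST` are trusted, both should share one strict form, e.g. `$is_upload_attachment = isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'];` computed once and reused. For string request values the two comparisons appear to agree today, so this is about keeping the gates from drifting apart rather than a live bypass. The new branch shows the `upload_files` capability check but no nonce or referer check; presumably that lives inside `wp_ajax_upload_attachment()` in ajax-actions.php, which is outside this hunk, and a one-line comment saying so would help. The retained fallback still reads cookies from `$_REQUEST`, which includes the query string, so a comment such as `// Legacy Flash uploader only: cookie values passed in the URL can end up in access logs.` would document the remaining exposure.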
@@ -37,19 +51,36 @@
if ( ! current_user_can( $post_type_object->cap->edit_post, $id ) )
wp_die( __( 'You are not allowed to edit this item.' ) );
- if ( 2 == $_REQUEST['fetch'] ) {
- add_filter('attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2);
- echo get_media_item($id, array( 'send' => false, 'delete' => true ));
- } else {
- add_filter('attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2);
- echo get_media_item($id);
+ switch ( $_REQUEST['fetch'] ) {
+ case 3 :
+ if ( $thumb_url = wp_get_attachment_image_src( $id, 'thumbnail', true ) )
+ echo '';
+ echo '' . _x( 'Edit', 'media item' ) . '';
+ $title = $post->post_title ? $post->post_title : wp_basename( $post->guid ); // title shouldn't ever be empty, but use filename just in cas.e
+ echo '