<?php
/**
* Server-side file upload handler from wp-plupload or other asynchronous upload methods.
*
* @package WordPress
* @subpackage Administration
*/
// Bootstrap. The request is flagged as AJAX before WordPress loads when the
// caller names the 'upload-attachment' action. The value comes straight from
// the request, but it is only compared against a fixed string here.
if ( isset( $_REQUEST['action'] ) ) {
	if ( 'upload-attachment' === $_REQUEST['action'] ) {
		define( 'DOING_AJAX', true );
	}
}

// Mark the request as an admin request unless something earlier already did.
defined( 'WP_ADMIN' ) || define( 'WP_ADMIN', true );

// Load WordPress: use ABSPATH when it is already defined, otherwise resolve
// wp-load.php one directory above this file.
if ( ! defined( 'ABSPATH' ) ) {
	require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
} else {
	require_once( ABSPATH . 'wp-load.php' );
}

// NOTE(review): nothing in this file checks that the user is logged in before
// the capability checks further down; presumably admin.php does that as part
// of the admin bootstrap. Confirm against wp-admin/admin.php.
require_once( ABSPATH . 'wp-admin/admin.php' );

// Every response from this endpoint is declared as plain text in the site's
// configured charset.
header( 'Content-Type: text/plain; charset=' . get_option( 'blog_charset' ) );
// 'upload-attachment' requests are handed over to the AJAX upload handler.
// NOTE(review): this branch terminates before the
// current_user_can( 'upload_files' ) and check_admin_referer( 'media-form' )
// calls further down this file, so wp_ajax_upload_attachment() has to enforce
// its own capability and nonce checks. Confirm in
// wp-admin/includes/ajax-actions.php.
if ( isset( $_REQUEST['action'] ) ) {
	if ( 'upload-attachment' === $_REQUEST['action'] ) {
		include ABSPATH . 'wp-admin/includes/ajax-actions.php';

		// Response hardening headers are sent before the handler produces output.
		send_nosniff_header();
		nocache_headers();

		wp_ajax_upload_attachment();

		// Only reached if the handler returns instead of terminating the request.
		exit( '0' );
	}
}
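// Capability gate for everything below: users without 'upload_files' are
// stopped here.
if ( ! current_user_can( 'upload_files' ) ) {
	wp_die( __( 'Sorry, you are not allowed to upload files.' ) );
}

// Just fetch the detail form for that attachment.
// This branch exits before check_admin_referer( 'media-form' ) further down,
// so no nonce is verified for it; in the code visible here it only renders
// markup, and access is gated by the post-type and 'edit_post' checks below.
// ! empty() keeps the original truthiness test on 'fetch' without raising an
// undefined-index notice when the parameter is not sent.
if ( isset( $_REQUEST['attachment_id'] ) && intval( $_REQUEST['attachment_id'] ) && ! empty( $_REQUEST['fetch'] ) ) {
	$id   = intval( $_REQUEST['attachment_id'] );
	$post = get_post( $id );

	// An ID that does not resolve to a post is rejected with the same message
	// as a wrong post type, instead of reading a property of a non-object.
	if ( ! $post || 'attachment' !== $post->post_type ) {
		wp_die( __( 'Invalid post type.' ) );
	}

	// Per-object authorization: the caller must be allowed to edit this
	// specific attachment, not merely to upload files.
	if ( ! current_user_can( 'edit_post', $id ) ) {
		wp_die( __( 'Sorry, you are not allowed to edit this item.' ) );
	}

	// 'fetch' selects the markup variant. The switch compares loosely, so the
	// request strings '3' and '2' match the integer cases.
	switch ( $_REQUEST['fetch'] ) {
		case 3:
			$thumb_url = wp_get_attachment_image_src( $id, 'thumbnail', true );
			if ( $thumb_url ) {
				echo '<img class="pinkynail" src="' . esc_url( $thumb_url[0] ) . '" alt="" />';
			}
			echo '<a class="edit-attachment" href="' . esc_url( get_edit_post_link( $id ) ) . '" target="_blank">' . _x( 'Edit', 'media item' ) . '</a>';

			// Title shouldn't ever be empty, but use filename just in case.
			$file  = get_attached_file( $post->ID );
			$title = $post->post_title ? $post->post_title : wp_basename( $file );
			// The title (or file name) is user-supplied content; it is
			// truncated and HTML-escaped before being written to the response.
			echo '<div class="filename new"><span class="title">' . esc_html( wp_html_excerpt( $title, 60, '…' ) ) . '</span></div>';
			break;
		case 2:
			add_filter( 'attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2 );
			echo get_media_item(
				$id,
				array(
					'send'   => false,
					'delete' => true,
				)
			);
			break;
		default:
			add_filter( 'attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2 );
			echo get_media_item( $id );
			break;
	}
	exit;
}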
// CSRF protection for the upload path: the request must carry a valid
// 'media-form' nonce before any file is processed.
check_admin_referer( 'media-form' );

// Resolve the parent post the upload should be attached to. The ID is taken
// from the request, so it is kept only when the post exists and the current
// user may edit it; otherwise the upload proceeds with parent 0.
if ( isset( $_REQUEST['post_id'] ) ) {
	$post_id = absint( $_REQUEST['post_id'] );
	if ( ! ( get_post( $post_id ) && current_user_can( 'edit_post', $post_id ) ) ) {
		$post_id = 0;
	}
} else {
	$post_id = 0;
}

// NOTE(review): no file type, size or content validation is visible in this
// file; presumably media_handle_upload() enforces it. Verify there.
$id = media_handle_upload( 'async-upload', $post_id );
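// Upload failed: print an error box for the uploader UI and stop.
if ( is_wp_error( $id ) ) {
	printf(
		'<div class="error-div error">%s <strong>%s</strong><br />%s</div>',
		sprintf(
			'<button type="button" class="dismiss button-link" onclick="jQuery(this).parents(\'div.media-item\').slideUp(200, function(){jQuery(this).remove();});">%s</button>',
			__( 'Dismiss' )
		),
		sprintf(
			/* translators: %s: Name of the file that failed to upload. */
			__( '“%s” has failed to upload.' ),
			// The file name is supplied by the client, so it is HTML-escaped
			// before output. The guard covers requests where the file part is
			// missing or not a single string, which would otherwise raise a
			// notice on the array access.
			esc_html(
				( isset( $_FILES['async-upload']['name'] ) && is_string( $_FILES['async-upload']['name'] ) )
					? $_FILES['async-upload']['name']
					: ''
			)
		),
		// Error text is escaped as well; it is not assumed to be safe markup.
		esc_html( $id->get_error_message() )
	);
	exit;
}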
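// Success response. ! empty() keeps the original truthiness test on 'short'
// without raising an undefined-index notice when the parameter is not sent.
if ( ! empty( $_REQUEST['short'] ) ) {
	// Short form response - attachment ID only.
	echo $id;
} else {
	// Long form response - big chunk of HTML.
	// $type comes from the request and becomes part of the hook name below, so
	// the caller chooses which 'async_upload_*' filter runs. Only callbacks
	// registered under that prefix are reachable, and whatever they return is
	// echoed without escaping; each callback is responsible for its own output.
	// A missing or non-string value falls back to '' so the interpolation never
	// sees an undefined index or an array.
	$type = ( isset( $_REQUEST['type'] ) && is_string( $_REQUEST['type'] ) ) ? $_REQUEST['type'] : '';

	/**
	 * Filters the returned ID of an uploaded attachment.
	 *
	 * The dynamic portion of the hook name, `$type`, refers to the attachment type,
	 * such as 'image', 'audio', 'video', 'file', etc.
	 *
	 * @since 2.5.0
	 *
	 * @param int $id Uploaded attachment ID.
	 */
	echo apply_filters( "async_upload_{$type}", $id );
}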