From 281b8022e151649446f905a68fd735ae4f3bcde8 Mon Sep 17 00:00:00 2001 From: Dion Hulse Date: Thu, 12 Feb 2015 01:33:24 +0000 Subject: [PATCH] Prevent IE9 and lower displaying the download file dialogue when attempting to upload using the `html4` Plupload handler. The HTML4 Plupload handler uses a hidden iframe to POST the upload form, and unfortunately Internet Explorer 9 doesn't support the `application/json` content-type which `wp_send_json_success()` and requires `text/html` instead. This partially reverts [30354], keeping the better error messages. Merges [31429] to the 4.1 branch. Fixes #31037. Built from https://develop.svn.wordpress.org/branches/4.1@31430 git-svn-id: http://core.svn.wordpress.org/branches/4.1@31411 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/async-upload.php | 4 +-- wp-admin/includes/ajax-actions.php | 56 +++++++++++++++++++++++------- 2 files changed, 45 insertions(+), 15 deletions(-) diff --git a/wp-admin/async-upload.php b/wp-admin/async-upload.php index 08d710d27b..4a18aa1449 100644 --- a/wp-admin/async-upload.php +++ b/wp-admin/async-upload.php @@ -32,6 +32,8 @@ if ( ! ( isset( $_REQUEST['action'] ) && 'upload-attachment' == $_REQUEST['actio require_once( ABSPATH . 'wp-admin/admin.php' ); +header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); + if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) { include( ABSPATH . 'wp-admin/includes/ajax-actions.php' ); @@ -46,8 +48,6 @@ if ( ! current_user_can( 'upload_files' ) ) { wp_die( __( 'You do not have permission to upload files.' ) ); } -header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); - // just fetch the detail form for that attachment if ( isset($_REQUEST['attachment_id']) && ($id = intval($_REQUEST['attachment_id'])) && $_REQUEST['fetch'] ) { $post = get_post( $id ); diff --git a/wp-admin/includes/ajax-actions.php b/wp-admin/includes/ajax-actions.php index 9024a2c180..a18dbe7fa1 100644 --- a/wp-admin/includes/ajax-actions.php +++ b/wp-admin/includes/ajax-actions.php @@ -1832,21 +1832,36 @@ function wp_ajax_update_widget() { */ function wp_ajax_upload_attachment() { check_ajax_referer( 'media-form' ); + /* + * This function does not use wp_send_json_success() / wp_send_json_error() + * as the html4 Plupload handler requires a text/html content-type for older IE. + * See https://core.trac.wordpress.org/ticket/31037 + */ if ( ! current_user_can( 'upload_files' ) ) { - wp_send_json_error( array( - 'message' => __( "You don't have permission to upload files." ), - 'filename' => $_FILES['async-upload']['name'], + echo wp_json_encode( array( + 'success' => false, + 'data' => array( + 'message' => __( "You don't have permission to upload files." ), + 'filename' => $_FILES['async-upload']['name'], + ) ) ); + + wp_die(); } if ( isset( $_REQUEST['post_id'] ) ) { $post_id = $_REQUEST['post_id']; if ( ! current_user_can( 'edit_post', $post_id ) ) { - wp_send_json_error( array( - 'message' => __( "You don't have permission to attach files to this post." ), - 'filename' => $_FILES['async-upload']['name'], + echo wp_json_encode( array( + 'success' => false, + 'data' => array( + 'message' => __( "You don't have permission to attach files to this post." ), + 'filename' => $_FILES['async-upload']['name'], + ) ) ); + + wp_die(); } } else { $post_id = null; @@ -1858,20 +1873,30 @@ function wp_ajax_upload_attachment() { if ( isset( $post_data['context'] ) && in_array( $post_data['context'], array( 'custom-header', 'custom-background' ) ) ) { $wp_filetype = wp_check_filetype_and_ext( $_FILES['async-upload']['tmp_name'], $_FILES['async-upload']['name'], false ); if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) { - wp_send_json_error( array( - 'message' => __( 'The uploaded file is not a valid image. Please try again.' ), - 'filename' => $_FILES['async-upload']['name'], + echo wp_json_encode( array( + 'success' => false, + 'data' => array( + 'message' => __( 'The uploaded file is not a valid image. Please try again.' ), + 'filename' => $_FILES['async-upload']['name'], + ) ) ); + + wp_die(); } } $attachment_id = media_handle_upload( 'async-upload', $post_id, $post_data ); if ( is_wp_error( $attachment_id ) ) { - wp_send_json_error( array( - 'message' => $attachment_id->get_error_message(), - 'filename' => $_FILES['async-upload']['name'], + echo wp_json_encode( array( + 'success' => false, + 'data' => array( + 'message' => $attachment_id->get_error_message(), + 'filename' => $_FILES['async-upload']['name'], + ) ) ); + + wp_die(); } if ( isset( $post_data['context'] ) && isset( $post_data['theme'] ) ) { @@ -1885,7 +1910,12 @@ function wp_ajax_upload_attachment() { if ( ! $attachment = wp_prepare_attachment_for_js( $attachment_id ) ) wp_die(); - wp_send_json_success( $attachment ); + echo wp_json_encode( array( + 'success' => true, + 'data' => $attachment, + ) ); + + wp_die(); } /**