Wordpress 2.8

[autoinstalls/wordpress.git] / wp-admin / async-upload.php

diff --git a/wp-admin/async-upload.php b/wp-admin/async-upload.php
index 8ee85fc1f838924581e9fe78efcba146389d5145..4197c8686e331468103d1aa76c29a6e364b10156 100644 (file)
--- a/wp-admin/async-upload.php
+++ b/wp-admin/async-upload.php
@@ -6,6 +6,8 @@
  * @subpackage Administration
  */
 
+define('WP_ADMIN', true);
+
 if ( defined('ABSPATH') )
        require_once(ABSPATH . 'wp-load.php');
 else
@@ -28,8 +30,9 @@ if ( !current_user_can('upload_files') )
 if ( isset($_REQUEST['attachment_id']) && ($id = intval($_REQUEST['attachment_id'])) && $_REQUEST['fetch'] ) {
        if ( 2 == $_REQUEST['fetch'] ) {
                add_filter('attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2);
-               echo get_media_item($id, array( 'send' => false, 'delete' => false ));
+               echo get_media_item($id, array( 'send' => false, 'delete' => true ));
        } else {
+               add_filter('attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2);
                echo get_media_item($id);
        }
        exit;
@@ -39,7 +42,7 @@ check_admin_referer('media-form');
 
 $id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 if (is_wp_error($id)) {
-       echo '<div id="media-upload-error">'.wp_specialchars($id->get_error_message()).'</div>';
+       echo '<div id="media-upload-error">'.esc_html($id->get_error_message()).'</div>';
        exit;
 }
 
@@ -53,4 +56,4 @@ else {
        echo apply_filters("async_upload_{$type}", $id);
 }
 
-?>
\ No newline at end of file
+?>