Wordpress 3.1.2-scripts

[autoinstalls/wordpress.git] / wp-admin / media-upload.php

diff --git a/wp-admin/media-upload.php b/wp-admin/media-upload.php
index bd21e4bc4982534b13b197b6ee4073e3d97e69af..81bbf5369a157298176651562d7ad200792498dd 100644 (file)
--- a/wp-admin/media-upload.php
+++ b/wp-admin/media-upload.php
@@ -9,6 +9,9 @@
  * @subpackage Administration
  */
 
+if ( ! isset( $_GET['inline'] ) )
+       define( 'IFRAME_REQUEST' , true );
+
 /** Load WordPress Administration Bootstrap */
 require_once('./admin.php');
 
@@ -35,6 +38,7 @@ if ( isset($_GET['inline']) ) {
        $errors = array();
 
        if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+               check_admin_referer('media-form');
                // Upload File button was clicked
                $id = media_handle_upload('async-upload', $_REQUEST['post_id']);
                unset($_FILES);
@@ -52,6 +56,7 @@ if ( isset($_GET['inline']) ) {
                        $location .= '?message=3';
 
                wp_redirect( admin_url($location) );
+               exit;
        }
 
        $title = __('Upload New Media');
@@ -88,9 +93,7 @@ if ( isset($_GET['inline']) ) {
        <input type="hidden" name="post_id" id="post_id" value="0" />
        <?php wp_nonce_field('media-form'); ?>
        <div id="media-items" class="hide-if-no-js"> </div>
-       <p>
-       <input type="submit" class="button savebutton hide-if-no-js" name="save" value="<?php esc_attr_e( 'Save all changes' ); ?>" />
-       </p>
+       <?php submit_button( __( 'Save all changes' ), 'button savebutton hide-if-no-js', 'save' ); ?>
        </form>
        </div>