+
+ switch ( $doaction ) {
+ case 'attach':
+ $parent_id = (int) $_REQUEST['found_post_id'];
+ if ( !$parent_id )
+ return;
+
+ $parent = get_post( $parent_id );
+ if ( !current_user_can( 'edit_post', $parent_id ) )
+ wp_die( __( 'You are not allowed to edit this post.' ) );
+
+ $attach = array();
+ foreach ( (array) $_REQUEST['media'] as $att_id ) {
+ $att_id = (int) $att_id;
+
+ if ( !current_user_can( 'edit_post', $att_id ) )
+ continue;
+
+ $attach[] = $att_id;
+ }
+
+ if ( ! empty( $attach ) ) {
+ $attach_string = implode( ',', $attach );
+ $attached = $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_parent = %d WHERE post_type = 'attachment' AND ID IN ( $attach_string )", $parent_id ) );
+ foreach ( $attach as $att_id ) {
+ clean_attachment_cache( $att_id );
+ }
+ }
+
+ if ( isset( $attached ) ) {
+ $location = 'upload.php';
+ if ( $referer = wp_get_referer() ) {
+ if ( false !== strpos( $referer, 'upload.php' ) )
+ $location = $referer;
+ }
+
+ $location = add_query_arg( array( 'attached' => $attached ) , $location );
+ wp_redirect( $location );
+ exit;
+ }
+ break;
+ case 'trash':
+ if ( !isset( $post_ids ) )
+ break;
+ foreach ( (array) $post_ids as $post_id ) {
+ if ( !current_user_can( 'delete_post', $post_id ) )
+ wp_die( __( 'You are not allowed to move this post to the trash.' ) );
+
+ if ( !wp_trash_post( $post_id ) )
+ wp_die( __( 'Error in moving to trash.' ) );
+ }
+ $location = add_query_arg( array( 'trashed' => count( $post_ids ), 'ids' => join( ',', $post_ids ) ), $location );
+ break;
+ case 'untrash':
+ if ( !isset( $post_ids ) )
+ break;
+ foreach ( (array) $post_ids as $post_id ) {
+ if ( !current_user_can( 'delete_post', $post_id ) )
+ wp_die( __( 'You are not allowed to move this post out of the trash.' ) );
+
+ if ( !wp_untrash_post( $post_id ) )
+ wp_die( __( 'Error in restoring from trash.' ) );
+ }
+ $location = add_query_arg( 'untrashed', count( $post_ids ), $location );
+ break;
+ case 'delete':
+ if ( !isset( $post_ids ) )
+ break;
+ foreach ( (array) $post_ids as $post_id_del ) {
+ if ( !current_user_can( 'delete_post', $post_id_del ) )
+ wp_die( __( 'You are not allowed to delete this post.' ) );
+
+ if ( !wp_delete_attachment( $post_id_del ) )
+ wp_die( __( 'Error in deleting.' ) );
+ }
+ $location = add_query_arg( 'deleted', count( $post_ids ), $location );
+ break;
+ }
+
+ wp_redirect( $location );
+ exit;
+} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
+ wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
+ exit;