]> scripts.mit.edu Git - autoinstalls/wordpress.git/blobdiff - wp-admin/includes/media.php
Wordpress 3.1.4
[autoinstalls/wordpress.git] / wp-admin / includes / media.php
index d91ffc2398827107eb75a45a6fec907e31724e89..99deac5a330bb5b7cfd640d34dfe9525245f5e43 100644 (file)
@@ -1,23 +1,54 @@
 <?php
-
+/**
+ * WordPress Administration Media API.
+ *
+ * @package WordPress
+ * @subpackage Administration
+ */
+
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @return unknown
+ */
 function media_upload_tabs() {
        $_default_tabs = array(
-               'type' => __('Choose File'), // handler action suffix => tab text
+               'type' => __('From Computer'), // handler action suffix => tab text
+               'type_url' => __('From URL'),
                'gallery' => __('Gallery'),
-               'library' => __('Media Library'),
+               'library' => __('Media Library')
        );
 
        return apply_filters('media_upload_tabs', $_default_tabs);
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $tabs
+ * @return unknown
+ */
 function update_gallery_tab($tabs) {
        global $wpdb;
+
        if ( !isset($_REQUEST['post_id']) ) {
                unset($tabs['gallery']);
                return $tabs;
        }
-       if ( intval($_REQUEST['post_id']) )
-               $attachments = intval($wpdb->get_var($wpdb->prepare("SELECT count(*) FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = %d", $_REQUEST['post_id'])));
+
+       $post_id = intval($_REQUEST['post_id']);
+
+       if ( $post_id )
+               $attachments = intval( $wpdb->get_var( $wpdb->prepare( "SELECT count(*) FROM $wpdb->posts WHERE post_type = 'attachment' AND post_status != 'trash' AND post_parent = %d", $post_id ) ) );
+
+       if ( empty($attachments) ) {
+               unset($tabs['gallery']);
+               return $tabs;
+       }
 
        $tabs['gallery'] = sprintf(__('Gallery (%s)'), "<span id='attachments-count'>$attachments</span>");
 
@@ -25,6 +56,11 @@ function update_gallery_tab($tabs) {
 }
 add_filter('media_upload_tabs', 'update_gallery_tab');
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ */
 function the_media_upload_tabs() {
        global $redir_tab;
        $tabs = media_upload_tabs();
@@ -35,86 +71,151 @@ function the_media_upload_tabs() {
                        $current = $redir_tab;
                elseif ( isset($_GET['tab']) && array_key_exists($_GET['tab'], $tabs) )
                        $current = $_GET['tab'];
-               else {
-                       $keys = array_keys($tabs);
-                       $current = array_shift($keys);
-               }
+               else
+                       $current = apply_filters('media_upload_default_tab', 'type');
+
                foreach ( $tabs as $callback => $text ) {
                        $class = '';
                        if ( $current == $callback )
                                $class = " class='current'";
                        $href = add_query_arg(array('tab'=>$callback, 's'=>false, 'paged'=>false, 'post_mime_type'=>false, 'm'=>false));
-                       $link = "<a href='" . clean_url($href) . "'$class>$text</a>";
-                       echo "\t<li id='" . attribute_escape("tab-$callback") . "'>$link</li>\n";
+                       $link = "<a href='" . esc_url($href) . "'$class>$text</a>";
+                       echo "\t<li id='" . esc_attr("tab-$callback") . "'>$link</li>\n";
                }
                echo "</ul>\n";
        }
 }
 
-function get_image_send_to_editor($id, $alt, $title, $align, $url='', $rel = false, $size='medium') {
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $id
+ * @param unknown_type $alt
+ * @param unknown_type $title
+ * @param unknown_type $align
+ * @param unknown_type $url
+ * @param unknown_type $rel
+ * @param unknown_type $size
+ * @return unknown
+ */
+function get_image_send_to_editor($id, $caption, $title, $align, $url='', $rel = false, $size='medium', $alt = '') {
 
        $html = get_image_tag($id, $alt, $title, $align, $size);
 
-       $rel = $rel ? ' rel="attachment wp-att-'.attribute_escape($id).'"' : '';
+       $rel = $rel ? ' rel="attachment wp-att-' . esc_attr($id).'"' : '';
 
        if ( $url )
-               $html = '<a href="' . clean_url($url) . "\"$rel>$html</a>";
+               $html = '<a href="' . esc_attr($url) . "\"$rel>$html</a>";
 
-       $html = apply_filters( 'image_send_to_editor', $html, $id, $alt, $title, $align, $url, $size );
+       $html = apply_filters( 'image_send_to_editor', $html, $id, $caption, $title, $align, $url, $size, $alt );
 
        return $html;
 }
 
-function image_add_caption( $html, $id, $alt, $title, $align, $url, $size ) {
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.6.0
+ *
+ * @param unknown_type $html
+ * @param unknown_type $id
+ * @param unknown_type $alt
+ * @param unknown_type $title
+ * @param unknown_type $align
+ * @param unknown_type $url
+ * @param unknown_type $size
+ * @return unknown
+ */
+function image_add_caption( $html, $id, $caption, $title, $align, $url, $size, $alt = '' ) {
+
+       if ( empty($caption) || apply_filters( 'disable_captions', '' ) )
+               return $html;
 
-       if ( empty($alt) || apply_filters( 'disable_captions', '' ) ) return $html;
        $id = ( 0 < (int) $id ) ? 'attachment_' . $id : '';
 
-       preg_match( '/width="([0-9]+)/', $html, $matches );
-       if ( ! isset($matches[1]) ) return $html;
+       if ( ! preg_match( '/width="([0-9]+)/', $html, $matches ) )
+               return $html;
+
        $width = $matches[1];
 
-       $html = preg_replace( '/align[^\s\'"]+\s?/', '', $html );
-       if ( empty($align) ) $align = 'none';
+       $caption = str_replace( array( '>',    '<',    '"',      "'" ),
+                                                       array( '&gt;', '&lt;', '&quot;', '&#039;' ),
+                                                       $caption
+                                                 );
+
+       $html = preg_replace( '/(class=["\'][^\'"]*)align(none|left|right|center)\s?/', '$1', $html );
+       if ( empty($align) )
+               $align = 'none';
 
        $shcode = '[caption id="' . $id . '" align="align' . $align
-       . '" width="' . $width . '" caption="' . $alt . '"]' . $html . '[/caption]';
+       . '" width="' . $width . '" caption="' . addslashes($caption) . '"]' . $html . '[/caption]';
 
        return apply_filters( 'image_add_caption_shortcode', $shcode, $html );
 }
-add_filter( 'image_send_to_editor', 'image_add_caption', 20, 7 );
-
+add_filter( 'image_send_to_editor', 'image_add_caption', 20, 8 );
+
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $html
+ */
 function media_send_to_editor($html) {
-       ?>
+?>
 <script type="text/javascript">
 /* <![CDATA[ */
 var win = window.dialogArguments || opener || parent || top;
 win.send_to_editor('<?php echo addslashes($html); ?>');
 /* ]]> */
 </script>
-       <?php
+<?php
        exit;
 }
 
-// this handles the file upload POST itself, creating the attachment post
-function media_handle_upload($file_id, $post_id, $post_data = array()) {
-       $overrides = array('test_form'=>false);
-       $file = wp_handle_upload($_FILES[$file_id], $overrides);
+/**
+ * {@internal Missing Short Description}}
+ *
+ * This handles the file upload POST itself, creating the attachment post.
+ *
+ * @since 2.5.0
+ *
+ * @param string $file_id Index into the {@link $_FILES} array of the upload
+ * @param int $post_id The post ID the media is associated with
+ * @param array $post_data allows you to overwrite some of the attachment
+ * @param array $overrides allows you to override the {@link wp_handle_upload()} behavior
+ * @return int the ID of the attachment
+ */
+function media_handle_upload($file_id, $post_id, $post_data = array(), $overrides = array( 'test_form' => false )) {
+
+       $time = current_time('mysql');
+       if ( $post = get_post($post_id) ) {
+               if ( substr( $post->post_date, 0, 4 ) > 0 )
+                       $time = $post->post_date;
+       }
+
+       $name = $_FILES[$file_id]['name'];
+       $file = wp_handle_upload($_FILES[$file_id], $overrides, $time);
 
        if ( isset($file['error']) )
                return new WP_Error( 'upload_error', $file['error'] );
 
+       $name_parts = pathinfo($name);
+       $name = trim( substr( $name, 0, -(1 + strlen($name_parts['extension'])) ) );
+
        $url = $file['url'];
        $type = $file['type'];
        $file = $file['file'];
-       $title = preg_replace('/\.[^.]+$/', '', basename($file));
+       $title = $name;
        $content = '';
 
        // use image exif/iptc data for title and caption defaults if possible
        if ( $image_meta = @wp_read_image_metadata($file) ) {
-               if ( trim($image_meta['title']) )
+               if ( trim( $image_meta['title'] ) && ! is_numeric( sanitize_title( $image_meta['title'] ) ) )
                        $title = $image_meta['title'];
-               if ( trim($image_meta['caption']) )
+               if ( trim( $image_meta['caption'] ) )
                        $content = $image_meta['caption'];
        }
 
@@ -127,8 +228,12 @@ function media_handle_upload($file_id, $post_id, $post_data = array()) {
                'post_content' => $content,
        ), $post_data );
 
+       // This should never be set as it would then overwrite an existing attachment.
+       if ( isset( $attachment['ID'] ) )
+               unset( $attachment['ID'] );
+
        // Save the data
-       $id = wp_insert_attachment($attachment, $file, $post_parent);
+       $id = wp_insert_attachment($attachment, $file, $post_id);
        if ( !is_wp_error($id) ) {
                wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) );
        }
@@ -137,10 +242,21 @@ function media_handle_upload($file_id, $post_id, $post_data = array()) {
 
 }
 
+/**
+ * This handles a sideloaded file in the same way as an uploaded file is handled by {@link media_handle_upload()}
+ *
+ * @since 2.6.0
+ *
+ * @param array $file_array Array similar to a {@link $_FILES} upload array
+ * @param int $post_id The post ID the media is associated with
+ * @param string $desc Description of the sideloaded file
+ * @param array $post_data allows you to overwrite some of the attachment
+ * @return int|object The ID of the attachment or a WP_Error on failure
+ */
 function media_handle_sideload($file_array, $post_id, $desc = null, $post_data = array()) {
        $overrides = array('test_form'=>false);
-       $file = wp_handle_sideload($file_array, $overrides);
 
+       $file = wp_handle_sideload($file_array, $overrides);
        if ( isset($file['error']) )
                return new WP_Error( 'upload_error', $file['error'] );
 
@@ -152,13 +268,13 @@ function media_handle_sideload($file_array, $post_id, $desc = null, $post_data =
 
        // use image exif/iptc data for title and caption defaults if possible
        if ( $image_meta = @wp_read_image_metadata($file) ) {
-               if ( trim($image_meta['title']) )
+               if ( trim( $image_meta['title'] ) && ! is_numeric( sanitize_title( $image_meta['title'] ) ) )
                        $title = $image_meta['title'];
-               if ( trim($image_meta['caption']) )
+               if ( trim( $image_meta['caption'] ) )
                        $content = $image_meta['caption'];
        }
 
-       $title = @$desc;
+       $title = isset($desc) ? $desc : '';
 
        // Construct the attachment array
        $attachment = array_merge( array(
@@ -169,18 +285,28 @@ function media_handle_sideload($file_array, $post_id, $desc = null, $post_data =
                'post_content' => $content,
        ), $post_data );
 
-       // Save the data
-       $id = wp_insert_attachment($attachment, $file, $post_parent);
-       if ( !is_wp_error($id) ) {
+       // This should never be set as it would then overwrite an existing attachment.
+       if ( isset( $attachment['ID'] ) )
+               unset( $attachment['ID'] );
+
+       // Save the attachment metadata
+       $id = wp_insert_attachment($attachment, $file, $post_id);
+       if ( !is_wp_error($id) )
                wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) );
-               return $url;
-       }
+
        return $id;
 }
 
-
-// wrap iframe content (produced by $content_func) in a doctype, html head/body etc
-// any additional function args will be passed to content_func
+/**
+ * {@internal Missing Short Description}}
+ *
+ * Wrap iframe content (produced by $content_func) in a doctype, html head/body
+ * etc any additional function args will be passed to content_func.
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $content_func
+ */
 function wp_iframe($content_func /* ... */) {
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@@ -192,19 +318,29 @@ function wp_iframe($content_func /* ... */) {
 wp_enqueue_style( 'global' );
 wp_enqueue_style( 'wp-admin' );
 wp_enqueue_style( 'colors' );
-if ( 0 === strpos( $content_func, 'media' ) )
+// Check callback name for 'media'
+if ( ( is_array( $content_func ) && ! empty( $content_func[1] ) && 0 === strpos( (string) $content_func[1], 'media' ) )
+       || ( ! is_array( $content_func ) && 0 === strpos( $content_func, 'media' ) ) )
        wp_enqueue_style( 'media' );
-
+wp_enqueue_style( 'ie' );
 ?>
 <script type="text/javascript">
 //<![CDATA[
-function addLoadEvent(func) {if ( typeof wpOnload!='function'){wpOnload=func;}else{ var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}
+addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};
+var userSettings = {'url':'<?php echo SITECOOKIEPATH; ?>','uid':'<?php if ( ! isset($current_user) ) $current_user = wp_get_current_user(); echo $current_user->ID; ?>','time':'<?php echo time(); ?>'};
+var ajaxurl = '<?php echo admin_url('admin-ajax.php'); ?>', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup',
+isRtl = <?php echo (int) is_rtl(); ?>;
 //]]>
 </script>
 <?php
+do_action('admin_enqueue_scripts', 'media-upload-popup');
+do_action('admin_print_styles-media-upload-popup');
 do_action('admin_print_styles');
+do_action('admin_print_scripts-media-upload-popup');
 do_action('admin_print_scripts');
+do_action('admin_head-media-upload-popup');
 do_action('admin_head');
+
 if ( is_string($content_func) )
        do_action( "admin_head_{$content_func}" );
 ?>
@@ -214,42 +350,88 @@ if ( is_string($content_func) )
        $args = func_get_args();
        $args = array_slice($args, 1);
        call_user_func_array($content_func, $args);
+
+       do_action('admin_print_footer_scripts');
 ?>
+<script type="text/javascript">if(typeof wpOnload=='function')wpOnload();</script>
 </body>
 </html>
 <?php
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ */
 function media_buttons() {
-       global $post_ID, $temp_ID;
-       $uploading_iframe_ID = (int) (0 == $post_ID ? $temp_ID : $post_ID);
-       $context = apply_filters('media_buttons_context', __('Add media: %s'));
-       $media_upload_iframe_src = "media-upload.php?post_id=$uploading_iframe_ID";
-       $media_title = __('Add Media');
-       $image_upload_iframe_src = apply_filters('image_upload_iframe_src', "$media_upload_iframe_src&amp;type=image");
-       $image_title = __('Add an Image');
-       $video_upload_iframe_src = apply_filters('video_upload_iframe_src', "$media_upload_iframe_src&amp;type=video");
-       $video_title = __('Add Video');
-       $audio_upload_iframe_src = apply_filters('audio_upload_iframe_src', "$media_upload_iframe_src&amp;type=audio");
-       $audio_title = __('Add Audio');
-       $out = <<<EOF
-
-       <a href="{$image_upload_iframe_src}&amp;TB_iframe=true" id="add_image" class="thickbox" title='$image_title'><img src='images/media-button-image.gif' alt='$image_title' /></a>
-       <a href="{$video_upload_iframe_src}&amp;TB_iframe=true" id="add_video" class="thickbox" title='$video_title'><img src='images/media-button-video.gif' alt='$video_title' /></a>
-       <a href="{$audio_upload_iframe_src}&amp;TB_iframe=true" id="add_audio" class="thickbox" title='$audio_title'><img src='images/media-button-music.gif' alt='$audio_title' /></a>
-       <a href="{$media_upload_iframe_src}&amp;TB_iframe=true" id="add_media" class="thickbox" title='$media_title'><img src='images/media-button-other.gif' alt='$media_title' /></a>
-
-EOF;
+       $do_image = $do_audio = $do_video = true;
+       if ( is_multisite() ) {
+               $media_buttons = get_site_option( 'mu_media_buttons' );
+               if ( empty($media_buttons['image']) )
+                       $do_image = false;
+               if ( empty($media_buttons['audio']) )
+                       $do_audio = false;
+               if ( empty($media_buttons['video']) )
+                       $do_video = false;
+       }
+       $out = '';
+
+       if ( $do_image )
+               $out .= _media_button(__('Add an Image'), 'images/media-button-image.gif?ver=20100531', 'image');
+       if ( $do_video )
+               $out .= _media_button(__('Add Video'), 'images/media-button-video.gif?ver=20100531', 'video');
+       if ( $do_audio )
+               $out .= _media_button(__('Add Audio'), 'images/media-button-music.gif?ver=20100531', 'audio');
+
+       $out .= _media_button(__('Add Media'), 'images/media-button-other.gif?ver=20100531', 'media');
+
+       $context = apply_filters('media_buttons_context', __('Upload/Insert %s'));
+
        printf($context, $out);
 }
 add_action( 'media_buttons', 'media_buttons' );
-add_action('media_upload_media', 'media_upload_handler');
 
+function _media_button($title, $icon, $type) {
+       return "<a href='" . esc_url( get_upload_iframe_src($type) ) . "' id='add_$type' class='thickbox' title='$title'><img src='" . esc_url( admin_url( $icon ) ) . "' alt='$title' onclick='return false;' /></a>";
+}
+
+function get_upload_iframe_src($type) {
+       global $post_ID, $temp_ID;
+       $uploading_iframe_ID = (int) (0 == $post_ID ? $temp_ID : $post_ID);
+       $upload_iframe_src = add_query_arg('post_id', $uploading_iframe_ID, 'media-upload.php');
+
+       if ( 'media' != $type )
+               $upload_iframe_src = add_query_arg('type', $type, $upload_iframe_src);
+       $upload_iframe_src = apply_filters($type . '_upload_iframe_src', $upload_iframe_src);
+
+       return add_query_arg('TB_iframe', true, $upload_iframe_src);
+}
+
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @return unknown
+ */
 function media_upload_form_handler() {
        check_admin_referer('media-form');
 
+       $errors = null;
+
+       if ( isset($_POST['send']) ) {
+               $keys = array_keys($_POST['send']);
+               $send_id = (int) array_shift($keys);
+       }
+
        if ( !empty($_POST['attachments']) ) foreach ( $_POST['attachments'] as $attachment_id => $attachment ) {
                $post = $_post = get_post($attachment_id, ARRAY_A);
+               $post_type_object = get_post_type_object( $post[ 'post_type' ] );
+
+               if ( !current_user_can( $post_type_object->cap->edit_post, $attachment_id ) )
+                       continue;
+
                if ( isset($attachment['post_content']) )
                        $post['post_content'] = $attachment['post_content'];
                if ( isset($attachment['post_title']) )
@@ -259,8 +441,22 @@ function media_upload_form_handler() {
                if ( isset($attachment['menu_order']) )
                        $post['menu_order'] = $attachment['menu_order'];
 
+               if ( isset($send_id) && $attachment_id == $send_id ) {
+                       if ( isset($attachment['post_parent']) )
+                               $post['post_parent'] = $attachment['post_parent'];
+               }
+
                $post = apply_filters('attachment_fields_to_save', $post, $attachment);
 
+               if ( isset($attachment['image_alt']) ) {
+                       $image_alt = get_post_meta($attachment_id, '_wp_attachment_image_alt', true);
+                       if ( $image_alt != stripslashes($attachment['image_alt']) ) {
+                               $image_alt = wp_strip_all_tags( stripslashes($attachment['image_alt']), true );
+                               // update_meta expects slashed
+                               update_post_meta( $attachment_id, '_wp_attachment_image_alt', addslashes($image_alt) );
+                       }
+               }
+
                if ( isset($post['errors']) ) {
                        $errors[$attachment_id] = $post['errors'];
                        unset($post['errors']);
@@ -269,24 +465,34 @@ function media_upload_form_handler() {
                if ( $post != $_post )
                        wp_update_post($post);
 
-               foreach ( get_attachment_taxonomies($post) as $t )
+               foreach ( get_attachment_taxonomies($post) as $t ) {
                        if ( isset($attachment[$t]) )
                                wp_set_object_terms($attachment_id, array_map('trim', preg_split('/,+/', $attachment[$t])), $t, false);
+               }
        }
 
-       if ( isset($_POST['insert-gallery']) )
-               return media_send_to_editor('[gallery]');
+       if ( isset($_POST['insert-gallery']) || isset($_POST['update-gallery']) ) { ?>
+               <script type="text/javascript">
+               /* <![CDATA[ */
+               var win = window.dialogArguments || opener || parent || top;
+               win.tb_remove();
+               /* ]]> */
+               </script>
+               <?php
+               exit;
+       }
 
-       if ( isset($_POST['send']) ) {
-               $keys = array_keys($_POST['send']);
-               $send_id = (int) array_shift($keys);
+       if ( isset($send_id) ) {
                $attachment = stripslashes_deep( $_POST['attachments'][$send_id] );
+
                $html = $attachment['post_title'];
                if ( !empty($attachment['url']) ) {
-                       if ( strpos($attachment['url'], 'attachment_id') || false !== strpos($attachment['url'], get_permalink($_POST['post_id'])) )
-                               $rel = " rel='attachment wp-att-".attribute_escape($send_id)."'";
+                       $rel = '';
+                       if ( strpos($attachment['url'], 'attachment_id') || get_attachment_link($send_id) == $attachment['url'] )
+                               $rel = " rel='attachment wp-att-" . esc_attr($send_id) . "'";
                        $html = "<a href='{$attachment['url']}'$rel>$html</a>";
                }
+
                $html = apply_filters('media_send_to_editor', $html, $send_id, $attachment);
                return media_send_to_editor($html);
        }
@@ -294,8 +500,19 @@ function media_upload_form_handler() {
        return $errors;
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @return unknown
+ */
 function media_upload_image() {
+       $errors = array();
+       $id = 0;
+
        if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+               check_admin_referer('media-form');
                // Upload File button was clicked
                $id = media_handle_upload('async-upload', $_REQUEST['post_id']);
                unset($_FILES);
@@ -306,16 +523,20 @@ function media_upload_image() {
        }
 
        if ( !empty($_POST['insertonlybutton']) ) {
+               $alt = $align = '';
+
                $src = $_POST['insertonly']['src'];
                if ( !empty($src) && !strpos($src, '://') )
                        $src = "http://$src";
-               $alt = attribute_escape($_POST['insertonly']['alt']);
+               $alt = esc_attr($_POST['insertonly']['alt']);
                if ( isset($_POST['insertonly']['align']) ) {
-                       $align = attribute_escape($_POST['insertonly']['align']);
+                       $align = esc_attr($_POST['insertonly']['align']);
                        $class = " class='align$align'";
                }
                if ( !empty($src) )
-                       $html = "<img src='$src' alt='$alt'$class />";
+                       $html = "<img src='" . esc_url($src) . "' alt='$alt'$class />";
+
+               $html = apply_filters('image_send_to_editor_url', $html, esc_url_raw($src), $alt, $align);
                return media_send_to_editor($html);
        }
 
@@ -333,33 +554,71 @@ function media_upload_image() {
                return media_upload_gallery();
        }
 
+       if ( isset($_GET['tab']) && $_GET['tab'] == 'type_url' )
+               return wp_iframe( 'media_upload_type_url_form', 'image', $errors, $id );
+
        return wp_iframe( 'media_upload_type_form', 'image', $errors, $id );
 }
 
+/**
+ * Download an image from the specified URL and attach it to a post.
+ *
+ * @since 2.6.0
+ *
+ * @param string $file The URL of the image to download
+ * @param int $post_id The post ID the media is to be associated with
+ * @param string $desc Optional. Description of the image
+ * @return string|WP_Error Populated HTML img tag on success
+ */
 function media_sideload_image($file, $post_id, $desc = null) {
-       if (!empty($file) ) {
-               $file_array['name'] = basename($file);
-               $file_array['tmp_name'] = download_url($file);
-               $desc = @$desc;
-
-               $id = media_handle_sideload($file_array, $post_id, $desc);
-               $src = $id;
+       if ( ! empty($file) ) {
+               // Download file to temp location
+               $tmp = download_url( $file );
+
+               // Set variables for storage
+               // fix file filename for query strings
+               preg_match('/[^\?]+\.(jpg|JPG|jpe|JPE|jpeg|JPEG|gif|GIF|png|PNG)/', $file, $matches);
+               $file_array['name'] = basename($matches[0]);
+               $file_array['tmp_name'] = $tmp;
+
+               // If error storing temporarily, unlink
+               if ( is_wp_error( $tmp ) ) {
+                       @unlink($file_array['tmp_name']);
+                       $file_array['tmp_name'] = '';
+               }
 
+               // do the validation and storage stuff
+               $id = media_handle_sideload( $file_array, $post_id, $desc );
+               // If error storing permanently, unlink
                if ( is_wp_error($id) ) {
                        @unlink($file_array['tmp_name']);
                        return $id;
                }
+
+               $src = wp_get_attachment_url( $id );
        }
 
-       if ( !empty($src) ) {
-               $alt = @$desc;
+       // Finally check to make sure the file has been saved, then return the html
+       if ( ! empty($src) ) {
+               $alt = isset($desc) ? esc_attr($desc) : '';
                $html = "<img src='$src' alt='$alt' />";
                return $html;
        }
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @return unknown
+ */
 function media_upload_audio() {
+       $errors = array();
+       $id = 0;
+
        if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+               check_admin_referer('media-form');
                // Upload File button was clicked
                $id = media_handle_upload('async-upload', $_REQUEST['post_id']);
                unset($_FILES);
@@ -373,11 +632,16 @@ function media_upload_audio() {
                $href = $_POST['insertonly']['href'];
                if ( !empty($href) && !strpos($href, '://') )
                        $href = "http://$href";
-               $title = attribute_escape($_POST['insertonly']['title']);
+
+               $title = esc_attr($_POST['insertonly']['title']);
                if ( empty($title) )
-                       $title = basename($href);
+            $title = esc_attr( basename($href) );
+
                if ( !empty($title) && !empty($href) )
-                       $html = "<a href='$href' >$title</a>";
+            $html = "<a href='" . esc_url($href) . "' >$title</a>";
+
+               $html = apply_filters('audio_send_to_editor_url', $html, $href, $title);
+
                return media_send_to_editor($html);
        }
 
@@ -395,11 +659,25 @@ function media_upload_audio() {
                return media_upload_gallery();
        }
 
+       if ( isset($_GET['tab']) && $_GET['tab'] == 'type_url' )
+               return wp_iframe( 'media_upload_type_url_form', 'audio', $errors, $id );
+
        return wp_iframe( 'media_upload_type_form', 'audio', $errors, $id );
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @return unknown
+ */
 function media_upload_video() {
+       $errors = array();
+       $id = 0;
+
        if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+               check_admin_referer('media-form');
                // Upload File button was clicked
                $id = media_handle_upload('async-upload', $_REQUEST['post_id']);
                unset($_FILES);
@@ -413,11 +691,16 @@ function media_upload_video() {
                $href = $_POST['insertonly']['href'];
                if ( !empty($href) && !strpos($href, '://') )
                        $href = "http://$href";
-               $title = attribute_escape($_POST['insertonly']['title']);
-               if ( empty($title) )
-                       $title = basename($href);
+
+               $title = esc_attr($_POST['insertonly']['title']);
+        if ( empty($title) )
+            $title = esc_attr( basename($href) );
+
                if ( !empty($title) && !empty($href) )
-                       $html = "<a href='$href' >$title</a>";
+            $html = "<a href='" . esc_url($href) . "' >$title</a>";
+
+               $html = apply_filters('video_send_to_editor_url', $html, $href, $title);
+
                return media_send_to_editor($html);
        }
 
@@ -435,11 +718,25 @@ function media_upload_video() {
                return media_upload_gallery();
        }
 
+       if ( isset($_GET['tab']) && $_GET['tab'] == 'type_url' )
+               return wp_iframe( 'media_upload_type_url_form', 'video', $errors, $id );
+
        return wp_iframe( 'media_upload_type_form', 'video', $errors, $id );
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @return unknown
+ */
 function media_upload_file() {
+       $errors = array();
+       $id = 0;
+
        if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+               check_admin_referer('media-form');
                // Upload File button was clicked
                $id = media_handle_upload('async-upload', $_REQUEST['post_id']);
                unset($_FILES);
@@ -453,11 +750,13 @@ function media_upload_file() {
                $href = $_POST['insertonly']['href'];
                if ( !empty($href) && !strpos($href, '://') )
                        $href = "http://$href";
-               $title = attribute_escape($_POST['insertonly']['title']);
+
+               $title = esc_attr($_POST['insertonly']['title']);
                if ( empty($title) )
                        $title = basename($href);
                if ( !empty($title) && !empty($href) )
-                       $html = "<a href='$href' >$title</a>";
+                       $html = "<a href='" . esc_url($href) . "' >$title</a>";
+               $html = apply_filters('file_send_to_editor_url', $html, esc_url_raw($href), $title);
                return media_send_to_editor($html);
        }
 
@@ -475,10 +774,22 @@ function media_upload_file() {
                return media_upload_gallery();
        }
 
+       if ( isset($_GET['tab']) && $_GET['tab'] == 'type_url' )
+               return wp_iframe( 'media_upload_type_url_form', 'file', $errors, $id );
+
        return wp_iframe( 'media_upload_type_form', 'file', $errors, $id );
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @return unknown
+ */
 function media_upload_gallery() {
+       $errors = array();
+
        if ( !empty($_POST) ) {
                $return = media_upload_form_handler();
 
@@ -492,7 +803,15 @@ function media_upload_gallery() {
        return wp_iframe( 'media_upload_gallery_form', $errors );
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @return unknown
+ */
 function media_upload_library() {
+       $errors = array();
        if ( !empty($_POST) ) {
                $return = media_upload_form_handler();
 
@@ -505,52 +824,196 @@ function media_upload_library() {
        return wp_iframe( 'media_upload_library_form', $errors );
 }
 
+/**
+ * Retrieve HTML for the image alignment radio buttons with the specified one checked.
+ *
+ * @since 2.7.0
+ *
+ * @param unknown_type $post
+ * @param unknown_type $checked
+ * @return unknown
+ */
+function image_align_input_fields( $post, $checked = '' ) {
+
+       if ( empty($checked) )
+               $checked = get_user_setting('align', 'none');
+
+       $alignments = array('none' => __('None'), 'left' => __('Left'), 'center' => __('Center'), 'right' => __('Right'));
+       if ( !array_key_exists( (string) $checked, $alignments ) )
+               $checked = 'none';
+
+       $out = array();
+       foreach ( $alignments as $name => $label ) {
+               $name = esc_attr($name);
+               $out[] = "<input type='radio' name='attachments[{$post->ID}][align]' id='image-align-{$name}-{$post->ID}' value='$name'".
+                       ( $checked == $name ? " checked='checked'" : "" ) .
+                       " /><label for='image-align-{$name}-{$post->ID}' class='align image-align-{$name}-label'>$label</label>";
+       }
+       return join("\n", $out);
+}
+
+/**
+ * Retrieve HTML for the size radio buttons with the specified one checked.
+ *
+ * @since 2.7.0
+ *
+ * @param unknown_type $post
+ * @param unknown_type $check
+ * @return unknown
+ */
+function image_size_input_fields( $post, $check = '' ) {
+
+               // get a list of the actual pixel dimensions of each possible intermediate version of this image
+               $size_names = array('thumbnail' => __('Thumbnail'), 'medium' => __('Medium'), 'large' => __('Large'), 'full' => __('Full Size'));
+
+               if ( empty($check) )
+                       $check = get_user_setting('imgsize', 'medium');
+
+               foreach ( $size_names as $size => $label ) {
+                       $downsize = image_downsize($post->ID, $size);
+                       $checked = '';
+
+                       // is this size selectable?
+                       $enabled = ( $downsize[3] || 'full' == $size );
+                       $css_id = "image-size-{$size}-{$post->ID}";
+                       // if this size is the default but that's not available, don't select it
+                       if ( $size == $check ) {
+                               if ( $enabled )
+                                       $checked = " checked='checked'";
+                               else
+                                       $check = '';
+                       } elseif ( !$check && $enabled && 'thumbnail' != $size ) {
+                               // if $check is not enabled, default to the first available size that's bigger than a thumbnail
+                               $check = $size;
+                               $checked = " checked='checked'";
+                       }
+
+                       $html = "<div class='image-size-item'><input type='radio' " . disabled( $enabled, false, false ) . "name='attachments[$post->ID][image-size]' id='{$css_id}' value='{$size}'$checked />";
+
+                       $html .= "<label for='{$css_id}'>$label</label>";
+                       // only show the dimensions if that choice is available
+                       if ( $enabled )
+                               $html .= " <label for='{$css_id}' class='help'>" . sprintf( "(%d&nbsp;&times;&nbsp;%d)", $downsize[1], $downsize[2] ). "</label>";
+
+                       $html .= '</div>';
+
+                       $out[] = $html;
+               }
+
+               return array(
+                       'label' => __('Size'),
+                       'input' => 'html',
+                       'html'  => join("\n", $out),
+               );
+}
+
+/**
+ * Retrieve HTML for the Link URL buttons with the default link type as specified.
+ *
+ * @since 2.7.0
+ *
+ * @param unknown_type $post
+ * @param unknown_type $url_type
+ * @return unknown
+ */
+function image_link_input_fields($post, $url_type = '') {
+
+       $file = wp_get_attachment_url($post->ID);
+       $link = get_attachment_link($post->ID);
+
+       if ( empty($url_type) )
+               $url_type = get_user_setting('urlbutton', 'post');
+
+       $url = '';
+       if ( $url_type == 'file' )
+               $url = $file;
+       elseif ( $url_type == 'post' )
+               $url = $link;
+
+       return "
+       <input type='text' class='text urlfield' name='attachments[$post->ID][url]' value='" . esc_attr($url) . "' /><br />
+       <button type='button' class='button urlnone' title=''>" . __('None') . "</button>
+       <button type='button' class='button urlfile' title='" . esc_attr($file) . "'>" . __('File URL') . "</button>
+       <button type='button' class='button urlpost' title='" . esc_attr($link) . "'>" . __('Post URL') . "</button>
+";
+}
+
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $form_fields
+ * @param unknown_type $post
+ * @return unknown
+ */
 function image_attachment_fields_to_edit($form_fields, $post) {
        if ( substr($post->post_mime_type, 0, 5) == 'image' ) {
-               $form_fields['post_title']['required'] = true;
+               $alt = get_post_meta($post->ID, '_wp_attachment_image_alt', true);
+               if ( empty($alt) )
+                       $alt = '';
 
-               $form_fields['post_excerpt']['label'] = __('Caption');
-               $form_fields['post_excerpt']['helps'][] = __('Also used as alternate text for the image');
-
-               $form_fields['post_content']['label'] = __('Description');
+               $form_fields['post_title']['required'] = true;
 
-               $thumb = wp_get_attachment_thumb_url($post->ID);
+               $form_fields['image_alt'] = array(
+                       'value' => $alt,
+                       'label' => __('Alternate Text'),
+                       'helps' => __('Alt text for the image, e.g. &#8220;The Mona Lisa&#8221;')
+               );
 
                $form_fields['align'] = array(
                        'label' => __('Alignment'),
                        'input' => 'html',
-                       'html'  => "
-                               <input type='radio' name='attachments[$post->ID][align]' id='image-align-none-$post->ID' value='none' checked='checked' />
-                               <label for='image-align-none-$post->ID' class='align image-align-none-label'>" . __('None') . "</label>
-                               <input type='radio' name='attachments[$post->ID][align]' id='image-align-left-$post->ID' value='left' />
-                               <label for='image-align-left-$post->ID' class='align image-align-left-label'>" . __('Left') . "</label>
-                               <input type='radio' name='attachments[$post->ID][align]' id='image-align-center-$post->ID' value='center' />
-                               <label for='image-align-center-$post->ID' class='align image-align-center-label'>" . __('Center') . "</label>
-                               <input type='radio' name='attachments[$post->ID][align]' id='image-align-right-$post->ID' value='right' />
-                               <label for='image-align-right-$post->ID' class='align image-align-right-label'>" . __('Right') . "</label>\n",
-               );
-               $form_fields['image-size'] = array(
-                       'label' => __('Size'),
-                       'input' => 'html',
-                       'html'  => "
-                               " . ( $thumb ? "<input type='radio' name='attachments[$post->ID][image-size]' id='image-size-thumb-$post->ID' value='thumbnail' />
-                               <label for='image-size-thumb-$post->ID'>" . __('Thumbnail') . "</label>
-                               " : '' ) . "<input type='radio' name='attachments[$post->ID][image-size]' id='image-size-medium-$post->ID' value='medium' checked='checked' />
-                               <label for='image-size-medium-$post->ID'>" . __('Medium') . "</label>
-                               <input type='radio' name='attachments[$post->ID][image-size]' id='image-size-full-$post->ID' value='full' />
-                               <label for='image-size-full-$post->ID'>" . __('Full size') . "</label>",
+                       'html'  => image_align_input_fields($post, get_option('image_default_align')),
                );
+
+               $form_fields['image-size'] = image_size_input_fields( $post, get_option('image_default_size', 'medium') );
+
+       } else {
+               unset( $form_fields['image_alt'] );
        }
        return $form_fields;
 }
 
 add_filter('attachment_fields_to_edit', 'image_attachment_fields_to_edit', 10, 2);
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $form_fields
+ * @param unknown_type $post
+ * @return unknown
+ */
 function media_single_attachment_fields_to_edit( $form_fields, $post ) {
        unset($form_fields['url'], $form_fields['align'], $form_fields['image-size']);
        return $form_fields;
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.8.0
+ *
+ * @param unknown_type $form_fields
+ * @param unknown_type $post
+ * @return unknown
+ */
+function media_post_single_attachment_fields_to_edit( $form_fields, $post ) {
+       unset($form_fields['image_url']);
+       return $form_fields;
+}
+
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $post
+ * @param unknown_type $attachment
+ * @return unknown
+ */
 function image_attachment_fields_to_save($post, $attachment) {
        if ( substr($post['post_mime_type'], 0, 5) == 'image' ) {
                if ( strlen(trim($post['post_title'])) == 0 ) {
@@ -564,24 +1027,26 @@ function image_attachment_fields_to_save($post, $attachment) {
 
 add_filter('attachment_fields_to_save', 'image_attachment_fields_to_save', 10, 2);
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $html
+ * @param unknown_type $attachment_id
+ * @param unknown_type $attachment
+ * @return unknown
+ */
 function image_media_send_to_editor($html, $attachment_id, $attachment) {
        $post =& get_post($attachment_id);
        if ( substr($post->post_mime_type, 0, 5) == 'image' ) {
                $url = $attachment['url'];
-
-               if ( isset($attachment['align']) )
-                       $align = $attachment['align'];
-               else
-                       $align = 'none';
-
-               if ( !empty($attachment['image-size']) )
-                       $size = $attachment['image-size'];
-               else
-                       $size = 'medium';
-
+               $align = !empty($attachment['align']) ? $attachment['align'] : 'none';
+               $size = !empty($attachment['image-size']) ? $attachment['image-size'] : 'medium';
+               $alt = !empty($attachment['image_alt']) ? $attachment['image_alt'] : '';
                $rel = ( $url == get_attachment_link($attachment_id) );
 
-               return get_image_send_to_editor($attachment_id, $attachment['post_excerpt'], $attachment['post_title'], $align, $url, $rel, $size);
+               return get_image_send_to_editor($attachment_id, $attachment['post_excerpt'], $attachment['post_title'], $align, $url, $rel, $size, $alt);
        }
 
        return $html;
@@ -589,51 +1054,65 @@ function image_media_send_to_editor($html, $attachment_id, $attachment) {
 
 add_filter('media_send_to_editor', 'image_media_send_to_editor', 10, 3);
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $post
+ * @param unknown_type $errors
+ * @return unknown
+ */
 function get_attachment_fields_to_edit($post, $errors = null) {
        if ( is_int($post) )
                $post =& get_post($post);
        if ( is_array($post) )
                $post = (object) $post;
 
+       $image_url = wp_get_attachment_url($post->ID);
+
        $edit_post = sanitize_post($post, 'edit');
-       $file = wp_get_attachment_url($post->ID);
-       $link = get_attachment_link($post->ID);
+
+
 
        $form_fields = array(
                'post_title'   => array(
                        'label'      => __('Title'),
-                       'value'      => $edit_post->post_title,
+                       'value'      => $edit_post->post_title
                ),
+               'image_alt'   => array(),
                'post_excerpt' => array(
                        'label'      => __('Caption'),
-                       'value'      => $edit_post->post_excerpt,
+                       'value'      => $edit_post->post_excerpt
                ),
                'post_content' => array(
                        'label'      => __('Description'),
                        'value'      => $edit_post->post_content,
-                       'input'      => 'textarea',
+                       'input'      => 'textarea'
                ),
                'url'          => array(
                        'label'      => __('Link URL'),
                        'input'      => 'html',
-                       'html'       => "
-                               <input type='text' name='attachments[$post->ID][url]' value='" . attribute_escape($file) . "' /><br />
-                               <button type='button' class='button url-$post->ID' value=''>" . __('None') . "</button>
-                               <button type='button' class='button url-$post->ID' value='" . attribute_escape($file) . "'>" . __('File URL') . "</button>
-                               <button type='button' class='button url-$post->ID' value='" . attribute_escape($link) . "'>" . __('Post URL') . "</button>
-                               <script type='text/javascript'>
-                               jQuery('button.url-$post->ID').bind('click', function(){jQuery(this).siblings('input').val(this.value);});
-                               </script>\n",
-                       'helps'      => __('Enter a link URL or click above for presets.'),
+                       'html'       => image_link_input_fields($post, get_option('image_default_link_type')),
+                       'helps'      => __('Enter a link URL or click above for presets.')
                ),
-       'menu_order'   => array(
+               'menu_order'   => array(
                        'label'      => __('Order'),
                        'value'      => $edit_post->menu_order
                ),
+               'image_url'     => array(
+                       'label'      => __('File URL'),
+                       'input'      => 'html',
+                       'html'       => "<input type='text' class='text urlfield' readonly='readonly' name='attachments[$post->ID][url]' value='" . esc_attr($image_url) . "' /><br />",
+                       'value'      => wp_get_attachment_url($post->ID),
+                       'helps'      => __('Location of the uploaded file.')
+               )
        );
 
        foreach ( get_attachment_taxonomies($post) as $taxonomy ) {
                $t = (array) get_taxonomy($taxonomy);
+               if ( ! $t['public'] )
+                       continue;
                if ( empty($t['label']) )
                        $t['label'] = $taxonomy;
                if ( empty($t['args']) )
@@ -661,7 +1140,21 @@ function get_attachment_fields_to_edit($post, $errors = null) {
        return $form_fields;
 }
 
+/**
+ * Retrieve HTML for media items of post gallery.
+ *
+ * The HTML markup retrieved will be created for the progress of SWF Upload
+ * component. Will also create link for showing and hiding the form to modify
+ * the image attachment.
+ *
+ * @since 2.5.0
+ *
+ * @param int $post_id Optional. Post ID.
+ * @param array $errors Errors for attachment, if any.
+ * @return string
+ */
 function get_media_items( $post_id, $errors ) {
+       $attachments = array();
        if ( $post_id ) {
                $post = get_post($post_id);
                if ( $post && $post->post_type == 'attachment' )
@@ -674,57 +1167,62 @@ function get_media_items( $post_id, $errors ) {
                                $attachments[$attachment->ID] = $attachment;
        }
 
-       if ( empty($attachments) )
-               return '';
-
-       foreach ( $attachments as $id => $attachment )
+       $output = '';
+       foreach ( (array) $attachments as $id => $attachment ) {
+               if ( $attachment->post_status == 'trash' )
+                       continue;
                if ( $item = get_media_item( $id, array( 'errors' => isset($errors[$id]) ? $errors[$id] : null) ) )
                        $output .= "\n<div id='media-item-$id' class='media-item child-of-$attachment->post_parent preloaded'><div class='progress'><div class='bar'></div></div><div id='media-upload-error-$id'></div><div class='filename'></div>$item\n</div>";
+       }
 
        return $output;
 }
 
+/**
+ * Retrieve HTML form for modifying the image attachment.
+ *
+ * @since 2.5.0
+ *
+ * @param int $attachment_id Attachment ID for modification.
+ * @param string|array $args Optional. Override defaults.
+ * @return string HTML form for attachment.
+ */
 function get_media_item( $attachment_id, $args = null ) {
        global $redir_tab;
 
-       $default_args = array( 'errors' => null, 'send' => true, 'delete' => true, 'toggle' => true );
-       $args = wp_parse_args( $args, $default_args );
-       extract( $args, EXTR_SKIP );
-
-       global $post_mime_types;
-       if ( ( $attachment_id = intval($attachment_id) ) && $thumb_url = get_attachment_icon_src( $attachment_id ) )
+       if ( ( $attachment_id = intval( $attachment_id ) ) && $thumb_url = wp_get_attachment_image_src( $attachment_id, 'thumbnail', true ) )
                $thumb_url = $thumb_url[0];
        else
-               return false;
+               $thumb_url = false;
 
-       $title_label = __('Title');
-       $description_label = __('Description');
-       $tags_label = __('Tags');
+       $post = get_post( $attachment_id );
 
-       $toggle_on = __('Show');
-       $toggle_off = __('Hide');
+       $default_args = array( 'errors' => null, 'send' => $post->post_parent ? post_type_supports( get_post_type( $post->post_parent ), 'editor' ) : true, 'delete' => true, 'toggle' => true, 'show_title' => true );
+       $args = wp_parse_args( $args, $default_args );
+       $args = apply_filters( 'get_media_item_args', $args );
+       extract( $args, EXTR_SKIP );
+
+       $toggle_on  = __( 'Show' );
+       $toggle_off = __( 'Hide' );
 
-       $post = get_post($attachment_id);
+       $filename = esc_html( basename( $post->guid ) );
+       $title = esc_attr( $post->post_title );
 
-       $filename = basename($post->guid);
-       $title = attribute_escape($post->post_title);
-       $description = attribute_escape($post->post_content);
-       if ( $_tags = get_the_tags($attachment_id) ) {
+       if ( $_tags = get_the_tags( $attachment_id ) ) {
                foreach ( $_tags as $tag )
                        $tags[] = $tag->name;
-               $tags = attribute_escape(join(', ', $tags));
+               $tags = esc_attr( join( ', ', $tags ) );
        }
 
-       if ( isset($post_mime_types) ) {
-               $keys = array_keys(wp_match_mime_types(array_keys($post_mime_types), $post->post_mime_type));
-               $type = array_shift($keys);
-               $type = "<input type='hidden' id='type-of-$attachment_id' value='" . attribute_escape( $type ) . "' />";
-       }
+       $post_mime_types = get_post_mime_types();
+       $keys = array_keys( wp_match_mime_types( array_keys( $post_mime_types ), $post->post_mime_type ) );
+       $type = array_shift( $keys );
+       $type_html = "<input type='hidden' id='type-of-$attachment_id' value='" . esc_attr( $type ) . "' />";
 
-       $form_fields = get_attachment_fields_to_edit($post, $errors);
+       $form_fields = get_attachment_fields_to_edit( $post, $errors );
 
        if ( $toggle ) {
-               $class = empty($errors) ? 'startclosed' : 'startopen';
+               $class = empty( $errors ) ? 'startclosed' : 'startopen';
                $toggle_links = "
        <a class='toggle describe-toggle-on' href='#'>$toggle_on</a>
        <a class='toggle describe-toggle-off' href='#'>$toggle_off</a>";
@@ -734,39 +1232,65 @@ function get_media_item( $attachment_id, $args = null ) {
        }
 
        $display_title = ( !empty( $title ) ) ? $title : $filename; // $title shouldn't ever be empty, but just in case
-       $display_title = wp_html_excerpt($display_title, 60);
+       $display_title = $show_title ? "<div class='filename new'><span class='title'>" . wp_html_excerpt( $display_title, 60 ) . "</span></div>" : '';
 
-       $gallery = ( (isset($_REQUEST['tab']) && 'gallery' == $_REQUEST['tab']) || (isset($redir_tab) && 'gallery' == $redir_tab) ) ? true : false;
+       $gallery = ( ( isset( $_REQUEST['tab'] ) && 'gallery' == $_REQUEST['tab'] ) || ( isset( $redir_tab ) && 'gallery' == $redir_tab ) );
        $order = '';
 
        foreach ( $form_fields as $key => $val ) {
                if ( 'menu_order' == $key ) {
                        if ( $gallery )
-                               $order = '<div class="menu_order"> <input class="menu_order_input" type="text" id="attachments['.$attachment_id.'][menu_order]" name="attachments['.$attachment_id.'][menu_order]" value="'.$val['value'].'" /></div>';
+                               $order = "<div class='menu_order'> <input class='menu_order_input' type='text' id='attachments[$attachment_id][menu_order]' name='attachments[$attachment_id][menu_order]' value='" . esc_attr( $val['value'] ). "' /></div>";
                        else
-                               $order = '<input type="hidden" name="attachments['.$attachment_id.'][menu_order]" value="'.$val['value'].'" />';
+                               $order = "<input type='hidden' name='attachments[$attachment_id][menu_order]' value='" . esc_attr( $val['value'] ) . "' />";
 
-                       unset($form_fields['menu_order']);
+                       unset( $form_fields['menu_order'] );
                        break;
                }
        }
 
+       $media_dims = '';
+       $meta = wp_get_attachment_metadata( $post->ID );
+       if ( is_array( $meta ) && array_key_exists( 'width', $meta ) && array_key_exists( 'height', $meta ) )
+               $media_dims .= "<span id='media-dims-$post->ID'>{$meta['width']}&nbsp;&times;&nbsp;{$meta['height']}</span> ";
+       $media_dims = apply_filters( 'media_meta', $media_dims, $post );
+
+       $image_edit_button = '';
+       if ( gd_edit_image_support( $post->post_mime_type ) ) {
+               $nonce = wp_create_nonce( "image_editor-$post->ID" );
+               $image_edit_button = "<input type='button' id='imgedit-open-btn-$post->ID' onclick='imageEdit.open( $post->ID, \"$nonce\" )' class='button' value='" . esc_attr__( 'Edit Image' ) . "' /> <img src='" . esc_url( admin_url( 'images/wpspin_light.gif' ) ) . "' class='imgedit-wait-spin' alt='' />";
+       }
+
+       $attachment_url = get_permalink( $attachment_id );
+
        $item = "
-       $type
+       $type_html
        $toggle_links
        $order
-       <div class='filename new'>$display_title</div>
+       $display_title
        <table class='slidetoggle describe $class'>
-               <thead class='media-item-info'>
-               <tr>
-                       <td class='A1B1' rowspan='4'><img class='thumbnail' src='$thumb_url' alt='' /></td>
-                       <td>$filename</td>
-               </tr>
-               <tr><td>$post->post_mime_type</td></tr>
-               <tr><td>" . mysql2date($post->post_date, get_option('time_format')) . "</td></tr>
-               <tr><td>" . apply_filters('media_meta', '', $post) . "</td></tr>
+               <thead class='media-item-info' id='media-head-$post->ID'>
+               <tr valign='top'>
+                       <td class='A1B1' id='thumbnail-head-$post->ID'>
+                       <p><a href='$attachment_url' target='_blank'><img class='thumbnail' src='$thumb_url' alt='' style='margin-top: 3px' /></a></p>
+                       <p>$image_edit_button</p>
+                       </td>
+                       <td>
+                       <p><strong>" . __('File name:') . "</strong> $filename</p>
+                       <p><strong>" . __('File type:') . "</strong> $post->post_mime_type</p>
+                       <p><strong>" . __('Upload date:') . "</strong> " . mysql2date( get_option('date_format'), $post->post_date ). '</p>';
+                       if ( !empty( $media_dims ) )
+                               $item .= "<p><strong>" . __('Dimensions:') . "</strong> $media_dims</p>\n";
+
+                       $item .= "</td></tr>\n";
+
+
+
+       $item .= "
                </thead>
-               <tbody>\n";
+               <tbody>
+               <tr><td colspan='2' class='imgedit-response' id='imgedit-response-$post->ID'></td></tr>
+               <tr><td style='display:none' colspan='2' class='image-editor' id='image-editor-$post->ID'></td></tr>\n";
 
        $defaults = array(
                'input'      => 'text',
@@ -775,28 +1299,51 @@ function get_media_item( $attachment_id, $args = null ) {
                'extra_rows' => array(),
        );
 
-       $delete_href = wp_nonce_url("post.php?action=delete-post&amp;post=$attachment_id", 'delete-post_' . $attachment_id);
        if ( $send )
-               $send = "<input type='submit' class='button' name='send[$attachment_id]' value='" . attribute_escape( __( 'Insert into Post' ) ) . "' />";
-       if ( $delete )
-               $delete = "<a href=\"#\" class=\"del-link\" onclick=\"document.getElementById('del_attachment_$attachment_id').style.display='block';return false;\">" . __('Delete') . "</a>";
-       if ( ( $send || $delete ) && !isset($form_fields['buttons']) )
-               $form_fields['buttons'] = array('tr' => "\t\t<tr class='submit'><td></td><td class='savesend'>$send $delete
-               <div id=\"del_attachment_$attachment_id\" class=\"del-attachment\" style=\"display:none;\">" . sprintf(__("You are about to delete <strong>%s</strong>."), $filename) . " <a href=\"$delete_href\" id=\"del[$attachment_id]\" class=\"delete\">" . __('Continue') . "</a>
-               <a href=\"#\" class=\"del-link\" onclick=\"this.parentNode.style.display='none';return false;\">" . __('Cancel') . "</a></div></td></tr>\n");
+               $send = get_submit_button( __( 'Insert into Post' ), 'button', "send[$attachment_id]", false );
+       if ( $delete && current_user_can( 'delete_post', $attachment_id ) ) {
+               if ( !EMPTY_TRASH_DAYS ) {
+                       $delete = "<a href='" . wp_nonce_url( "post.php?action=delete&amp;post=$attachment_id", 'delete-attachment_' . $attachment_id ) . "' id='del[$attachment_id]' class='delete'>" . __( 'Delete Permanently' ) . '</a>';
+               } elseif ( !MEDIA_TRASH ) {
+                       $delete = "<a href='#' class='del-link' onclick=\"document.getElementById('del_attachment_$attachment_id').style.display='block';return false;\">" . __( 'Delete' ) . "</a>
+                        <div id='del_attachment_$attachment_id' class='del-attachment' style='display:none;'>" . sprintf( __( 'You are about to delete <strong>%s</strong>.' ), $filename ) . "
+                        <a href='" . wp_nonce_url( "post.php?action=delete&amp;post=$attachment_id", 'delete-attachment_' . $attachment_id ) . "' id='del[$attachment_id]' class='button'>" . __( 'Continue' ) . "</a>
+                        <a href='#' class='button' onclick=\"this.parentNode.style.display='none';return false;\">" . __( 'Cancel' ) . "</a>
+                        </div>";
+               } else {
+                       $delete = "<a href='" . wp_nonce_url( "post.php?action=trash&amp;post=$attachment_id", 'trash-attachment_' . $attachment_id ) . "' id='del[$attachment_id]' class='delete'>" . __( 'Move to Trash' ) . "</a>
+                       <a href='" . wp_nonce_url( "post.php?action=untrash&amp;post=$attachment_id", 'untrash-attachment_' . $attachment_id ) . "' id='undo[$attachment_id]' class='undo hidden'>" . __( 'Undo' ) . "</a>";
+               }
+       } else {
+               $delete = '';
+       }
+
+       $thumbnail = '';
+       $calling_post_id = 0;
+       if ( isset( $_GET['post_id'] ) )
+               $calling_post_id = absint( $_GET['post_id'] );
+       elseif ( isset( $_POST ) && count( $_POST ) ) // Like for async-upload where $_GET['post_id'] isn't set
+               $calling_post_id = $post->post_parent;
+       if ( 'image' == $type && $calling_post_id && current_theme_supports( 'post-thumbnails', get_post_type( $calling_post_id ) ) && get_post_thumbnail_id( $calling_post_id ) != $attachment_id ) {
+               $ajax_nonce = wp_create_nonce( "set_post_thumbnail-$calling_post_id" );
+               $thumbnail = "<a class='wp-post-thumbnail' id='wp-post-thumbnail-" . $attachment_id . "' href='#' onclick='WPSetAsThumbnail(\"$attachment_id\", \"$ajax_nonce\");return false;'>" . esc_html__( "Use as featured image" ) . "</a>";
+       }
+
+       if ( ( $send || $thumbnail || $delete ) && !isset( $form_fields['buttons'] ) )
+               $form_fields['buttons'] = array( 'tr' => "\t\t<tr class='submit'><td></td><td class='savesend'>$send $thumbnail $delete</td></tr>\n" );
 
        $hidden_fields = array();
 
        foreach ( $form_fields as $id => $field ) {
-               if ( $id{0} == '_' )
+               if ( $id[0] == '_' )
                        continue;
 
-               if ( !empty($field['tr']) ) {
+               if ( !empty( $field['tr'] ) ) {
                        $item .= $field['tr'];
                        continue;
                }
 
-               $field = array_merge($defaults, $field);
+               $field = array_merge( $defaults, $field );
                $name = "attachments[$attachment_id][$id]";
 
                if ( $field['input'] == 'hidden' ) {
@@ -804,30 +1351,33 @@ function get_media_item( $attachment_id, $args = null ) {
                        continue;
                }
 
-               $required = $field['required'] ? '<abbr title="required" class="required">*</abbr>' : '';
+               $required      = $field['required'] ? '<span class="alignright"><abbr title="required" class="required">*</abbr></span>' : '';
                $aria_required = $field['required'] ? " aria-required='true' " : '';
                $class  = $id;
                $class .= $field['required'] ? ' form-required' : '';
 
-               $item .= "\t\t<tr class='$class'>\n\t\t\t<th valign='top' scope='row' class='label'><label for='$name'><span class='alignleft'>{$field['label']}</span><span class='alignright'>$required</span><br class='clear' /></label></th>\n\t\t\t<td class='field'>";
-               if ( !empty($field[$field['input']]) )
-                       $item .= $field[$field['input']];
+               $item .= "\t\t<tr class='$class'>\n\t\t\t<th valign='top' scope='row' class='label'><label for='$name'><span class='alignleft'>{$field['label']}</span>$required<br class='clear' /></label></th>\n\t\t\t<td class='field'>";
+               if ( !empty( $field[ $field['input'] ] ) )
+                       $item .= $field[ $field['input'] ];
                elseif ( $field['input'] == 'textarea' ) {
-                       $item .= "<textarea type='text' id='$name' name='$name'>" . attribute_escape( $field['value'] ) . $aria_required . "</textarea>";
+                       if ( user_can_richedit() ) { // textarea_escaped when user_can_richedit() = false
+                               $field['value'] = esc_textarea( $field['value'] );
+                       }
+                       $item .= "<textarea type='text' id='$name' name='$name' $aria_required>" . $field['value'] . '</textarea>';
                } else {
-                       $item .= "<input type='text' id='$name' name='$name' value='" . attribute_escape( $field['value'] ) . "'" . $aria_required . "/>";
+                       $item .= "<input type='text' class='text' id='$name' name='$name' value='" . esc_attr( $field['value'] ) . "' $aria_required />";
                }
-               if ( !empty($field['helps']) )
-                       $item .= "<p class='help'>" . join( "</p>\n<p class='help'>", array_unique((array) $field['helps']) ) . '</p>';
+               if ( !empty( $field['helps'] ) )
+                       $item .= "<p class='help'>" . join( "</p>\n<p class='help'>", array_unique( (array) $field['helps'] ) ) . '</p>';
                $item .= "</td>\n\t\t</tr>\n";
 
                $extra_rows = array();
 
-               if ( !empty($field['errors']) )
-                       foreach ( array_unique((array) $field['errors']) as $error )
+               if ( !empty( $field['errors'] ) )
+                       foreach ( array_unique( (array) $field['errors'] ) as $error )
                                $extra_rows['error'][] = $error;
 
-               if ( !empty($field['extra_rows']) )
+               if ( !empty( $field['extra_rows'] ) )
                        foreach ( $field['extra_rows'] as $class => $rows )
                                foreach ( (array) $rows as $html )
                                        $extra_rows[$class][] = $html;
@@ -837,17 +1387,28 @@ function get_media_item( $attachment_id, $args = null ) {
                                $item .= "\t\t<tr><td></td><td class='$class'>$html</td></tr>\n";
        }
 
-       if ( !empty($form_fields['_final']) )
+       if ( !empty( $form_fields['_final'] ) )
                $item .= "\t\t<tr class='final'><td colspan='2'>{$form_fields['_final']}</td></tr>\n";
        $item .= "\t</tbody>\n";
        $item .= "\t</table>\n";
 
        foreach ( $hidden_fields as $name => $value )
-               $item .= "\t<input type='hidden' name='$name' id='$name' value='" . attribute_escape( $value ) . "' />\n";
+               $item .= "\t<input type='hidden' name='$name' id='$name' value='" . esc_attr( $value ) . "' />\n";
+
+       if ( $post->post_parent < 1 && isset( $_REQUEST['post_id'] ) ) {
+               $parent = (int) $_REQUEST['post_id'];
+               $parent_name = "attachments[$attachment_id][post_parent]";
+               $item .= "\t<input type='hidden' name='$parent_name' id='$parent_name' value='$parent' />\n";
+       }
 
        return $item;
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ */
 function media_upload_header() {
        ?>
        <script type="text/javascript">post_id = <?php echo intval($_REQUEST['post_id']); ?>;</script>
@@ -857,20 +1418,47 @@ function media_upload_header() {
        <?php
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $errors
+ */
 function media_upload_form( $errors = null ) {
-       global $type, $tab;
+       global $type, $tab, $pagenow;
 
        $flash_action_url = admin_url('async-upload.php');
 
        // If Mac and mod_security, no Flash. :(
        $flash = true;
-       if ( false !== strpos(strtolower($_SERVER['HTTP_USER_AGENT']), 'mac') && apache_mod_loaded('mod_security') )
+       if ( false !== stripos($_SERVER['HTTP_USER_AGENT'], 'mac') && apache_mod_loaded('mod_security') )
                $flash = false;
 
        $flash = apply_filters('flash_uploader', $flash);
-       $post_id = intval($_REQUEST['post_id']);
-
+       $post_id = isset($_REQUEST['post_id']) ? intval($_REQUEST['post_id']) : 0;
+
+       $upload_size_unit = $max_upload_size =  wp_max_upload_size();
+       $sizes = array( 'KB', 'MB', 'GB' );
+       for ( $u = -1; $upload_size_unit > 1024 && $u < count( $sizes ) - 1; $u++ )
+               $upload_size_unit /= 1024;
+       if ( $u < 0 ) {
+               $upload_size_unit = 0;
+               $u = 0;
+       } else {
+               $upload_size_unit = (int) $upload_size_unit;
+       }
 ?>
+<script type="text/javascript">
+//<![CDATA[
+var uploaderMode = 0;
+jQuery(document).ready(function($){
+       uploaderMode = getUserSetting('uploader');
+       $('.upload-html-bypass a').click(function(){deleteUserSetting('uploader');uploaderMode=0;swfuploadPreLoad();return false;});
+       $('.upload-flash-bypass a').click(function(){setUserSetting('uploader', '1');uploaderMode=1;swfuploadPreLoad();return false;});
+});
+//]]>
+</script>
 <div id="media-upload-notice">
 <?php if (isset($errors['upload_notice']) ) { ?>
        <?php echo $errors['upload_notice']; ?>
@@ -881,89 +1469,149 @@ function media_upload_form( $errors = null ) {
        <?php echo $errors['upload_error']->get_error_message(); ?>
 <?php } ?>
 </div>
+<?php
+// Check quota for this blog if multisite
+if ( is_multisite() && !is_upload_space_available() ) {
+       echo '<p>' . sprintf( __( 'Sorry, you have filled your storage quota (%s MB).' ), get_space_allowed() ) . '</p>';
+       return;
+}
 
-<?php do_action('pre-upload-ui'); ?>
+do_action('pre-upload-ui');
+
+if ( $flash ) :
+
+// Set the post params, which SWFUpload will post back with the file, and pass
+// them through a filter.
+$post_params = array(
+               "post_id" => $post_id,
+               "auth_cookie" => (is_ssl() ? $_COOKIE[SECURE_AUTH_COOKIE] : $_COOKIE[AUTH_COOKIE]),
+               "logged_in_cookie" => $_COOKIE[LOGGED_IN_COOKIE],
+               "_wpnonce" => wp_create_nonce('media-form'),
+               "type" => $type,
+               "tab" => $tab,
+               "short" => "1",
+);
+$post_params = apply_filters( 'swfupload_post_params', $post_params );
+$p = array();
+foreach ( $post_params as $param => $val )
+       $p[] = "\t\t'$param' : '$val'";
+$post_params_str = implode( ", \n", $p );
+
+// #8545. wmode=transparent cannot be used with SWFUpload
+if ( 'media-new.php' == $pagenow ) {
+       $upload_image_path = get_user_option( 'admin_color' );
+       if ( 'classic' != $upload_image_path )
+               $upload_image_path = 'fresh';
+       $upload_image_path = admin_url( 'images/upload-' . $upload_image_path . '.png?ver=20101205' );
+} else {
+       $upload_image_path = includes_url( 'images/upload.png?ver=20100531' );
+}
 
-<?php if ( $flash ) : ?>
+?>
 <script type="text/javascript">
-<!--
-jQuery(function($){
-       swfu = new SWFUpload({
-                       upload_url : "<?php echo attribute_escape( $flash_action_url ); ?>",
-                       flash_url : "<?php echo includes_url('js/swfupload/swfupload_f9.swf'); ?>",
+//<![CDATA[
+var swfu;
+SWFUpload.onload = function() {
+       var settings = {
+                       button_text: '<span class="button"><?php _e('Select Files'); ?><\/span>',
+                       button_text_style: '.button { text-align: center; font-weight: bold; font-family:"Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif; font-size: 11px; text-shadow: 0 1px 0 #FFFFFF; color:#464646; }',
+                       button_height: "23",
+                       button_width: "132",
+                       button_text_top_padding: 3,
+                       button_image_url: '<?php echo $upload_image_path; ?>',
+                       button_placeholder_id: "flash-browse-button",
+                       upload_url : "<?php echo esc_attr( $flash_action_url ); ?>",
+                       flash_url : "<?php echo includes_url('js/swfupload/swfupload.swf'); ?>",
                        file_post_name: "async-upload",
                        file_types: "<?php echo apply_filters('upload_file_glob', '*.*'); ?>",
                        post_params : {
-                               "post_id" : "<?php echo $post_id; ?>",
-                               "auth_cookie" : "<?php if ( is_ssl() ) echo $_COOKIE[SECURE_AUTH_COOKIE]; else echo $_COOKIE[AUTH_COOKIE]; ?>",
-                               "_wpnonce" : "<?php echo wp_create_nonce('media-form'); ?>",
-                               "type" : "<?php echo $type; ?>",
-                               "tab" : "<?php echo $tab; ?>",
-                               "short" : "1"
+                               <?php echo $post_params_str; ?>
                        },
-                       file_size_limit : "<?php echo wp_max_upload_size(); ?>b",
-                       swfupload_element_id : "flash-upload-ui", // id of the element displayed when swfupload is available
-                       degraded_element_id : "html-upload-ui",   // when swfupload is unavailable
+                       file_size_limit : "<?php echo $max_upload_size; ?>b",
                        file_dialog_start_handler : fileDialogStart,
                        file_queued_handler : fileQueued,
                        upload_start_handler : uploadStart,
                        upload_progress_handler : uploadProgress,
                        upload_error_handler : uploadError,
-                       upload_success_handler : uploadSuccess,
+                       upload_success_handler : <?php echo apply_filters( 'swfupload_success_handler', 'uploadSuccess' ); ?>,
                        upload_complete_handler : uploadComplete,
                        file_queue_error_handler : fileQueueError,
                        file_dialog_complete_handler : fileDialogComplete,
-
+                       swfupload_pre_load_handler: swfuploadPreLoad,
+                       swfupload_load_failed_handler: swfuploadLoadFailed,
+                       custom_settings : {
+                               degraded_element_id : "html-upload-ui", // id of the element displayed when swfupload is unavailable
+                               swfupload_element_id : "flash-upload-ui" // id of the element displayed when swfupload is available
+                       },
                        debug: false
-               });
-       $("#flash-browse-button").bind( "click", function(){swfu.selectFiles();});
-});
-//-->
+               };
+               swfu = new SWFUpload(settings);
+};
+//]]>
 </script>
 
-<div id="flash-upload-ui">
+<div id="flash-upload-ui" class="hide-if-no-js">
 <?php do_action('pre-flash-upload-ui'); ?>
-       <p><input id="flash-browse-button" type="button" value="<?php echo attribute_escape( __( 'Choose files to upload' ) ); ?>" class="button" /></p>
+
+       <div>
+       <?php _e( 'Choose files to upload' ); ?>
+       <div id="flash-browse-button"></div>
+       <span><input id="cancel-upload" disabled="disabled" onclick="cancelUpload()" type="button" value="<?php esc_attr_e('Cancel Upload'); ?>" class="button" /></span>
+       </div>
+       <p class="media-upload-size"><?php printf( __( 'Maximum upload file size: %d%s' ), $upload_size_unit, $sizes[$u] ); ?></p>
 <?php do_action('post-flash-upload-ui'); ?>
        <p class="howto"><?php _e('After a file has been uploaded, you can add titles and descriptions.'); ?></p>
 </div>
-
 <?php endif; // $flash ?>
 
 <div id="html-upload-ui">
 <?php do_action('pre-html-upload-ui'); ?>
-       <p>
-       <input type="file" name="async-upload" id="async-upload" /> <input type="submit" class="button" name="html-upload" value="<?php echo attribute_escape(__('Upload')); ?>" /> <a href="#" onclick="return top.tb_remove();"><?php _e('Cancel'); ?></a>
+       <p id="async-upload-wrap">
+               <label class="screen-reader-text" for="async-upload"><?php _e('Upload'); ?></label>
+               <input type="file" name="async-upload" id="async-upload" />
+               <?php submit_button( __( 'Upload' ), 'button', 'html-upload', false ); ?>
+               <a href="#" onclick="try{top.tb_remove();}catch(e){}; return false;"><?php _e('Cancel'); ?></a>
        </p>
-       <br class="clear" />
+       <div class="clear"></div>
+       <p class="media-upload-size"><?php printf( __( 'Maximum upload file size: %d%s' ), $upload_size_unit, $sizes[$u] ); ?></p>
        <?php if ( is_lighttpd_before_150() ): ?>
-       <p><?php _e('If you want to use all capabilities of the uploader, like uploading multiple files at once, please upgrade to lighttpd 1.5.'); ?></p>
+       <p><?php _e('If you want to use all capabilities of the uploader, like uploading multiple files at once, please update to lighttpd 1.5.'); ?></p>
        <?php endif;?>
-<?php do_action('post-html-upload-ui'); ?>
+<?php do_action('post-html-upload-ui', $flash); ?>
 </div>
 <?php do_action('post-upload-ui'); ?>
 <?php
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $type
+ * @param unknown_type $errors
+ * @param unknown_type $id
+ */
 function media_upload_type_form($type = 'file', $errors = null, $id = null) {
        media_upload_header();
 
-       $post_id = intval($_REQUEST['post_id']);
+       $post_id = isset( $_REQUEST['post_id'] )? intval( $_REQUEST['post_id'] ) : 0;
 
        $form_action_url = admin_url("media-upload.php?type=$type&tab=type&post_id=$post_id");
        $form_action_url = apply_filters('media_upload_form_url', $form_action_url, $type);
-
-       $callback = "type_form_$type";
 ?>
 
-<form enctype="multipart/form-data" method="post" action="<?php echo attribute_escape($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form">
+<form enctype="multipart/form-data" method="post" action="<?php echo esc_attr($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form">
+<?php submit_button( '', 'hidden', 'save', false ); ?>
 <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
 <?php wp_nonce_field('media-form'); ?>
-<h3><?php _e('From Computer'); ?></h3>
+
+<h3 class="media-title"><?php _e('Add media files from your computer'); ?></h3>
+
 <?php media_upload_form( $errors ); ?>
 
 <script type="text/javascript">
-<!--
+//<![CDATA[
 jQuery(function($){
        var preloaded = $(".media-item.preloaded");
        if ( preloaded.length > 0 ) {
@@ -971,20 +1619,55 @@ jQuery(function($){
        }
        updateMediaForm();
 });
--->
+//]]>
 </script>
-<?php if ( $id && !is_wp_error($id) ) : ?>
 <div id="media-items">
-<?php echo get_media_items( $id, $errors ); ?>
+<?php
+if ( $id ) {
+       if ( !is_wp_error($id) ) {
+               add_filter('attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2);
+               echo get_media_items( $id, $errors );
+       } else {
+               echo '<div id="media-upload-error">'.esc_html($id->get_error_message()).'</div>';
+               exit;
+       }
+}
+?>
 </div>
-<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" />
+<p class="savebutton ml-submit">
+<?php submit_button( __( 'Save all changes' ), 'button', 'save', false ); ?>
+</p>
+</form>
+<?php
+}
 
-<?php elseif ( is_callable($callback) ) : ?>
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.7.0
+ *
+ * @param unknown_type $type
+ * @param unknown_type $errors
+ * @param unknown_type $id
+ */
+function media_upload_type_url_form($type = 'file', $errors = null, $id = null) {
+       media_upload_header();
 
-<div class="media-blank">
-<p style="text-align:center"><?php _e('&mdash; OR &mdash;'); ?></p>
-<h3><?php _e('From URL'); ?></h3>
-</div>
+       $post_id = intval($_REQUEST['post_id']);
+
+       $form_action_url = admin_url("media-upload.php?type=$type&tab=type&post_id=$post_id");
+       $form_action_url = apply_filters('media_upload_form_url', $form_action_url, $type);
+
+       $callback = "type_url_form_$type";
+?>
+
+<form enctype="multipart/form-data" method="post" action="<?php echo esc_attr($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form">
+<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
+<?php wp_nonce_field('media-form'); ?>
+
+<?php if ( is_callable($callback) ) { ?>
+
+<h3 class="media-title"><?php _e('Add media file from URL'); ?></h3>
 
 <script type="text/javascript">
 //<![CDATA[
@@ -995,21 +1678,23 @@ var addExtImage = {
        align : 'alignnone',
 
        insert : function() {
-               var t = this, html, f = document.forms[0], cls, title = '', alt = '', caption = null;
+               var t = this, html, f = document.forms[0], cls, title = '', alt = '', caption = '';
 
-               if ( '' == f.src.value || '' == t.width ) return false;
+               if ( '' == f.src.value || '' == t.width )
+                       return false;
 
                if ( f.title.value ) {
-                       title = f.title.value.replace(/['"<>]+/g, '');
+                       title = f.title.value.replace(/'/g, '&#039;').replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
                        title = ' title="'+title+'"';
                }
 
-               if ( f.alt.value ) {
-                       alt = f.alt.value.replace(/['"<>]+/g, '');
+               if ( f.alt.value )
+                       alt = f.alt.value.replace(/'/g, '&#039;').replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
+
 <?php if ( ! apply_filters( 'disable_captions', '' ) ) { ?>
-                       caption = f.alt.value.replace(/'/g, '&#39;').replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
+               if ( f.caption.value )
+                       caption = f.caption.value.replace(/'/g, '&#039;').replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
 <?php } ?>
-               }
 
                cls = caption ? '' : ' class="'+t.align+'"';
 
@@ -1023,6 +1708,7 @@ var addExtImage = {
 
                var win = window.dialogArguments || opener || parent || top;
                win.send_to_editor(html);
+               return false;
        },
 
        resetImageData : function() {
@@ -1031,8 +1717,8 @@ var addExtImage = {
                t.width = t.height = '';
                document.getElementById('go_button').style.color = '#bbb';
                if ( ! document.forms[0].src.value )
-                       document.getElementById('status_img').src = 'images/required.gif';
-               else document.getElementById('status_img').src = 'images/no.png';
+                       document.getElementById('status_img').innerHTML = '*';
+               else document.getElementById('status_img').innerHTML = '<img src="<?php echo esc_url( admin_url( 'images/no.png' ) ); ?>" alt="" />';
        },
 
        updateImageData : function() {
@@ -1041,7 +1727,7 @@ var addExtImage = {
                t.width = t.preloadImg.width;
                t.height = t.preloadImg.height;
                document.getElementById('go_button').style.color = '#333';
-               document.getElementById('status_img').src = 'images/yes.png';
+               document.getElementById('status_img').innerHTML = '<img src="<?php echo esc_url( admin_url( 'images/yes.png' ) ); ?>" alt="" />';
        },
 
        getImageData : function() {
@@ -1051,7 +1737,7 @@ var addExtImage = {
                        t.resetImageData();
                        return false;
                }
-               document.getElementById('status_img').src = 'images/loading.gif';
+               document.getElementById('status_img').innerHTML = '<img src="<?php echo esc_url( admin_url( 'images/wpspin_light.gif' ) ); ?>" alt="" />';
                t.preloadImg = new Image();
                t.preloadImg.onload = t.updateImageData;
                t.preloadImg.onerror = t.resetImageData;
@@ -1063,23 +1749,32 @@ var addExtImage = {
 
 <div id="media-items">
 <div class="media-item media-blank">
-<?php echo call_user_func($callback); ?>
+<?php echo apply_filters($callback, call_user_func($callback)); ?>
 </div>
 </div>
-<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" />
 </form>
 <?php
-       endif;
+       } else {
+               wp_die( __('Unknown action.') );
+       }
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $errors
+ */
 function media_upload_gallery_form($errors) {
-       global $redir_tab;
+       global $redir_tab, $type;
 
        $redir_tab = 'gallery';
        media_upload_header();
 
        $post_id = intval($_REQUEST['post_id']);
-       $form_action_url = admin_url("media-upload.php?type={$GLOBALS['type']}&tab=gallery&post_id=$post_id");
+       $form_action_url = admin_url("media-upload.php?type=$type&tab=gallery&post_id=$post_id");
+       $form_action_url = apply_filters('media_upload_form_url', $form_action_url, $type);
 ?>
 
 <script type="text/javascript">
@@ -1093,30 +1788,126 @@ jQuery(function($){
 });
 -->
 </script>
-
-<form enctype="multipart/form-data" method="post" action="<?php echo attribute_escape($form_action_url); ?>" class="media-upload-form validate" id="gallery-form">
+<div id="sort-buttons" class="hide-if-no-js">
+<span>
+<?php _e('All Tabs:'); ?>
+<a href="#" id="showall"><?php _e('Show'); ?></a>
+<a href="#" id="hideall" style="display:none;"><?php _e('Hide'); ?></a>
+</span>
+<?php _e('Sort Order:'); ?>
+<a href="#" id="asc"><?php _e('Ascending'); ?></a> |
+<a href="#" id="desc"><?php _e('Descending'); ?></a> |
+<a href="#" id="clear"><?php _ex('Clear', 'verb'); ?></a>
+</div>
+<form enctype="multipart/form-data" method="post" action="<?php echo esc_attr($form_action_url); ?>" class="media-upload-form validate" id="gallery-form">
 <?php wp_nonce_field('media-form'); ?>
 <?php //media_upload_form( $errors ); ?>
-<table class="widefat">
+<table class="widefat" cellspacing="0">
 <thead><tr>
 <th><?php _e('Media'); ?></th>
 <th class="order-head"><?php _e('Order'); ?></th>
+<th class="actions-head"><?php _e('Actions'); ?></th>
 </tr></thead>
 </table>
 <div id="media-items">
+<?php add_filter('attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2); ?>
 <?php echo get_media_items($post_id, $errors); ?>
 </div>
+
 <p class="ml-submit">
-<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" />
-<input type="submit" class="button insert-gallery" name="insert-gallery" value="<?php echo attribute_escape( __( 'Insert gallery into post' ) ); ?>" />
+<?php submit_button( __( 'Save all changes' ), 'button savebutton', 'save', false, array( 'id' => 'save-all', 'style' => 'display: none;' ) ); ?>
 <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
-<input type="hidden" name="type" value="<?php echo attribute_escape( $GLOBALS['type'] ); ?>" />
-<input type="hidden" name="tab" value="<?php echo attribute_escape( $GLOBALS['tab'] ); ?>" />
+<input type="hidden" name="type" value="<?php echo esc_attr( $GLOBALS['type'] ); ?>" />
+<input type="hidden" name="tab" value="<?php echo esc_attr( $GLOBALS['tab'] ); ?>" />
+</p>
+
+<div id="gallery-settings" style="display:none;">
+<div class="title"><?php _e('Gallery Settings'); ?></div>
+<table id="basic" class="describe"><tbody>
+       <tr>
+       <th scope="row" class="label">
+               <label>
+               <span class="alignleft"><?php _e('Link thumbnails to:'); ?></span>
+               </label>
+       </th>
+       <td class="field">
+               <input type="radio" name="linkto" id="linkto-file" value="file" />
+               <label for="linkto-file" class="radio"><?php _e('Image File'); ?></label>
+
+               <input type="radio" checked="checked" name="linkto" id="linkto-post" value="post" />
+               <label for="linkto-post" class="radio"><?php _e('Attachment Page'); ?></label>
+       </td>
+       </tr>
+
+       <tr>
+       <th scope="row" class="label">
+               <label>
+               <span class="alignleft"><?php _e('Order images by:'); ?></span>
+               </label>
+       </th>
+       <td class="field">
+               <select id="orderby" name="orderby">
+                       <option value="menu_order" selected="selected"><?php _e('Menu order'); ?></option>
+                       <option value="title"><?php _e('Title'); ?></option>
+                       <option value="ID"><?php _e('Date/Time'); ?></option>
+                       <option value="rand"><?php _e('Random'); ?></option>
+               </select>
+       </td>
+       </tr>
+
+       <tr>
+       <th scope="row" class="label">
+               <label>
+               <span class="alignleft"><?php _e('Order:'); ?></span>
+               </label>
+       </th>
+       <td class="field">
+               <input type="radio" checked="checked" name="order" id="order-asc" value="asc" />
+               <label for="order-asc" class="radio"><?php _e('Ascending'); ?></label>
+
+               <input type="radio" name="order" id="order-desc" value="desc" />
+               <label for="order-desc" class="radio"><?php _e('Descending'); ?></label>
+       </td>
+       </tr>
+
+       <tr>
+       <th scope="row" class="label">
+               <label>
+               <span class="alignleft"><?php _e('Gallery columns:'); ?></span>
+               </label>
+       </th>
+       <td class="field">
+               <select id="columns" name="columns">
+                       <option value="1">1</option>
+                       <option value="2">2</option>
+                       <option value="3" selected="selected">3</option>
+                       <option value="4">4</option>
+                       <option value="5">5</option>
+                       <option value="6">6</option>
+                       <option value="7">7</option>
+                       <option value="8">8</option>
+                       <option value="9">9</option>
+               </select>
+       </td>
+       </tr>
+</tbody></table>
+
+<p class="ml-submit">
+<input type="button" class="button" style="display:none;" onMouseDown="wpgallery.update();" name="insert-gallery" id="insert-gallery" value="<?php esc_attr_e( 'Insert gallery' ); ?>" />
+<input type="button" class="button" style="display:none;" onMouseDown="wpgallery.update();" name="update-gallery" id="update-gallery" value="<?php esc_attr_e( 'Update gallery settings' ); ?>" />
 </p>
+</div>
 </form>
 <?php
 }
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.5.0
+ *
+ * @param unknown_type $errors
+ */
 function media_upload_library_form($errors) {
        global $wpdb, $wp_query, $wp_locale, $type, $tab, $post_mime_types;
 
@@ -1124,31 +1915,32 @@ function media_upload_library_form($errors) {
 
        $post_id = intval($_REQUEST['post_id']);
 
-       $form_action_url = admin_url("media-upload.php?type={$GLOBALS['type']}&tab=library&post_id=$post_id");
+       $form_action_url = admin_url("media-upload.php?type=$type&tab=library&post_id=$post_id");
+       $form_action_url = apply_filters('media_upload_form_url', $form_action_url, $type);
 
-       $_GET['paged'] = intval($_GET['paged']);
+       $_GET['paged'] = isset( $_GET['paged'] ) ? intval($_GET['paged']) : 0;
        if ( $_GET['paged'] < 1 )
                $_GET['paged'] = 1;
        $start = ( $_GET['paged'] - 1 ) * 10;
        if ( $start < 1 )
                $start = 0;
-       add_filter( 'post_limits', $limit_filter = create_function( '$a', "return 'LIMIT $start, 10';" ) );
+       add_filter( 'post_limits', create_function( '$a', "return 'LIMIT $start, 10';" ) );
 
        list($post_mime_types, $avail_post_mime_types) = wp_edit_attachments_query();
 
 ?>
 
 <form id="filter" action="" method="get">
-<input type="hidden" name="type" value="<?php echo attribute_escape( $type ); ?>" />
-<input type="hidden" name="tab" value="<?php echo attribute_escape( $tab ); ?>" />
+<input type="hidden" name="type" value="<?php echo esc_attr( $type ); ?>" />
+<input type="hidden" name="tab" value="<?php echo esc_attr( $tab ); ?>" />
 <input type="hidden" name="post_id" value="<?php echo (int) $post_id; ?>" />
-<input type="hidden" name="post_mime_type" value="<?php echo attribute_escape( $_GET['post_mime_type'] ); ?>" />
+<input type="hidden" name="post_mime_type" value="<?php echo isset( $_GET['post_mime_type'] ) ? esc_attr( $_GET['post_mime_type'] ) : ''; ?>" />
 
-<div id="search-filter">
-       <label class="hidden" for="post-search-input"><?php _e('Search Media');?>:</label>
-       <input type="text" id="post-search-input" name="s" value="<?php the_search_query(); ?>" />
-       <input type="submit" value="<?php echo attribute_escape( __( 'Search Media' ) ); ?>" class="button" />
-</div>
+<p id="media-search" class="search-box">
+       <label class="screen-reader-text" for="media-search-input"><?php _e('Search Media');?>:</label>
+       <input type="text" id="media-search-input" name="s" value="<?php the_search_query(); ?>" />
+       <?php submit_button( __( 'Search Media' ), 'button', '', false ); ?>
+</p>
 
 <ul class="subsubsub">
 <?php
@@ -1157,7 +1949,10 @@ $_num_posts = (array) wp_count_attachments();
 $matches = wp_match_mime_types(array_keys($post_mime_types), array_keys($_num_posts));
 foreach ( $matches as $_type => $reals )
        foreach ( $reals as $real )
-               $num_posts[$_type] += $_num_posts[$real];
+               if ( isset($num_posts[$_type]) )
+                       $num_posts[$_type] += $_num_posts[$real];
+               else
+                       $num_posts[$_type] = $_num_posts[$real];
 // If available type specified by media button clicked, filter by that type
 if ( empty($_GET['post_mime_type']) && !empty($num_posts[$type]) ) {
        $_GET['post_mime_type'] = $type;
@@ -1165,19 +1960,21 @@ if ( empty($_GET['post_mime_type']) && !empty($num_posts[$type]) ) {
 }
 if ( empty($_GET['post_mime_type']) || $_GET['post_mime_type'] == 'all' )
        $class = ' class="current"';
-$type_links[] = "<li><a href='" . clean_url(add_query_arg(array('post_mime_type'=>'all', 'paged'=>false, 'm'=>false))) . "'$class>".__('All Types')."</a>";
+else
+       $class = '';
+$type_links[] = "<li><a href='" . esc_url(add_query_arg(array('post_mime_type'=>'all', 'paged'=>false, 'm'=>false))) . "'$class>".__('All Types')."</a>";
 foreach ( $post_mime_types as $mime_type => $label ) {
        $class = '';
 
        if ( !wp_match_mime_types($mime_type, $avail_post_mime_types) )
                continue;
 
-       if ( wp_match_mime_types($mime_type, $_GET['post_mime_type']) )
+       if ( isset($_GET['post_mime_type']) && wp_match_mime_types($mime_type, $_GET['post_mime_type']) )
                $class = ' class="current"';
 
-       $type_links[] = "<li><a href='" . clean_url(add_query_arg(array('post_mime_type'=>$mime_type, 'paged'=>false))) . "'$class>" . sprintf(__ngettext($label[2][0], $label[2][1], $num_posts[$mime_type]), "<span id='$mime_type-counter'>" . number_format_i18n( $num_posts[$mime_type] ) . '</span>') . '</a>';
+       $type_links[] = "<li><a href='" . esc_url(add_query_arg(array('post_mime_type'=>$mime_type, 'paged'=>false))) . "'$class>" . sprintf( translate_nooped_plural( $label[2], $num_posts[$mime_type] ), "<span id='$mime_type-counter'>" . number_format_i18n( $num_posts[$mime_type] ) . '</span>') . '</a>';
 }
-echo implode(' | </li>', $type_links) . '</li>';
+echo implode(' | </li>', apply_filters( 'media_upload_mime_type_links', $type_links ) ) . '</li>';
 unset($type_links);
 ?>
 </ul>
@@ -1188,6 +1985,8 @@ unset($type_links);
 $page_links = paginate_links( array(
        'base' => add_query_arg( 'paged', '%#%' ),
        'format' => '',
+       'prev_text' => __('&laquo;'),
+       'next_text' => __('&raquo;'),
        'total' => ceil($wp_query->found_posts / 10),
        'current' => $_GET['paged']
 ));
@@ -1196,7 +1995,7 @@ if ( $page_links )
        echo "<div class='tablenav-pages'>$page_links</div>";
 ?>
 
-<div class="alignleft">
+<div class="alignleft actions">
 <?php
 
 $arc_query = "SELECT DISTINCT YEAR(post_date) AS yyear, MONTH(post_date) AS mmonth FROM $wpdb->posts WHERE post_type = 'attachment' ORDER BY post_date DESC";
@@ -1214,20 +2013,20 @@ foreach ($arc_result as $arc_row) {
                continue;
        $arc_row->mmonth = zeroise( $arc_row->mmonth, 2 );
 
-       if ( $arc_row->yyear . $arc_row->mmonth == $_GET['m'] )
+       if ( isset($_GET['m']) && ( $arc_row->yyear . $arc_row->mmonth == $_GET['m'] ) )
                $default = ' selected="selected"';
        else
                $default = '';
 
-       echo "<option$default value='" . attribute_escape( $arc_row->yyear . $arc_row->mmonth ) . "'>";
-       echo wp_specialchars( $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear" );
+       echo "<option$default value='" . esc_attr( $arc_row->yyear . $arc_row->mmonth ) . "'>";
+       echo esc_html( $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear" );
        echo "</option>\n";
 }
 ?>
 </select>
 <?php } ?>
 
-<input type="submit" id="post-query-submit" value="<?php echo attribute_escape( __( 'Filter &#187;' ) ); ?>" class="button-secondary" />
+<?php submit_button( __( 'Filter &#187;' ), 'secondary', 'post-query-submit', false ); ?>
 
 </div>
 
@@ -1235,7 +2034,7 @@ foreach ($arc_result as $arc_row) {
 </div>
 </form>
 
-<form enctype="multipart/form-data" method="post" action="<?php echo attribute_escape($form_action_url); ?>" class="media-upload-form validate" id="library-form">
+<form enctype="multipart/form-data" method="post" action="<?php echo esc_attr($form_action_url); ?>" class="media-upload-form validate" id="library-form">
 
 <?php wp_nonce_field('media-form'); ?>
 <?php //media_upload_form( $errors ); ?>
@@ -1253,32 +2052,49 @@ jQuery(function($){
 </script>
 
 <div id="media-items">
+<?php add_filter('attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2); ?>
 <?php echo get_media_items(null, $errors); ?>
 </div>
 <p class="ml-submit">
-<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" />
+<?php submit_button( __( 'Save all changes' ), 'button savebutton', 'save', false ); ?>
 <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
 </p>
 </form>
 <?php
 }
 
-function type_form_image() {
-
-       if ( apply_filters( 'disable_captions', '' ) ) {
-               $alt = __('Alternate Text');
-               $alt_help = __('Alt text for the image, e.g. "The Mona Lisa"');
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.7.0
+ *
+ * @return unknown
+ */
+function type_url_form_image() {
+       if ( !apply_filters( 'disable_captions', '' ) ) {
+               $caption = '
+               <tr>
+                       <th valign="top" scope="row" class="label">
+                               <span class="alignleft"><label for="caption">' . __('Image Caption') . '</label></span>
+                       </th>
+                       <td class="field"><input id="caption" name="caption" value="" type="text" /></td>
+               </tr>
+';
        } else {
-               $alt = __('Image Caption');
-               $alt_help = __('Also used as alternate text for the image');
+               $caption = '';
        }
 
+       $default_align = get_option('image_default_align');
+       if ( empty($default_align) )
+               $default_align = 'none';
+
        return '
+       <h4 class="media-sub-title">' . __('Insert an image from another web site') . '</h4>
        <table class="describe"><tbody>
                <tr>
-                       <th valign="top" scope="row" class="label" style="width:120px;">
-                               <span class="alignleft"><label for="src">' . __('Source') . '</label></span>
-                               <span class="alignright"><img id="status_img" src="images/required.gif" title="required" alt="required" /></span>
+                       <th valign="top" scope="row" class="label" style="width:130px;">
+                               <span class="alignleft"><label for="src">' . __('Image URL') . '</label></span>
+                               <span class="alignright"><abbr id="status_img" title="required" class="required">*</abbr></span>
                        </th>
                        <td class="field"><input id="src" name="src" value="" type="text" aria-required="true" onblur="addExtImage.getImageData()" /></td>
                </tr>
@@ -1288,34 +2104,34 @@ function type_form_image() {
                                <span class="alignleft"><label for="title">' . __('Image Title') . '</label></span>
                                <span class="alignright"><abbr title="required" class="required">*</abbr></span>
                        </th>
-                       <td class="field"><p><input id="title" name="title" value="" type="text" aria-required="true" /></p></td>
+                       <td class="field"><input id="title" name="title" value="" type="text" aria-required="true" /></td>
                </tr>
 
                <tr>
                        <th valign="top" scope="row" class="label">
-                               <span class="alignleft"><label for="alt">' . $alt . '</label></span>
+                               <span class="alignleft"><label for="alt">' . __('Alternate Text') . '</label></span>
                        </th>
                        <td class="field"><input id="alt" name="alt" value="" type="text" aria-required="true" />
-                       <p class="help">' . $alt_help . '</p></td>
+                       <p class="help">' . __('Alt text for the image, e.g. &#8220;The Mona Lisa&#8221;') . '</p></td>
                </tr>
-
+               ' . $caption . '
                <tr class="align">
                        <th valign="top" scope="row" class="label"><p><label for="align">' . __('Alignment') . '</label></p></th>
                        <td class="field">
-                               <input name="align" id="align-none" value="alignnone" onclick="addExtImage.align=this.value" type="radio" checked="checked" />
+                               <input name="align" id="align-none" value="none" onclick="addExtImage.align=\'align\'+this.value" type="radio"' . ($default_align == 'none' ? ' checked="checked"' : '').' />
                                <label for="align-none" class="align image-align-none-label">' . __('None') . '</label>
-                               <input name="align" id="align-left" value="alignleft" onclick="addExtImage.align=this.value" type="radio" />
+                               <input name="align" id="align-left" value="left" onclick="addExtImage.align=\'align\'+this.value" type="radio"' . ($default_align == 'left' ? ' checked="checked"' : '').' />
                                <label for="align-left" class="align image-align-left-label">' . __('Left') . '</label>
-                               <input name="align" id="align-center" value="aligncenter" onclick="addExtImage.align=this.value" type="radio" />
+                               <input name="align" id="align-center" value="center" onclick="addExtImage.align=\'align\'+this.value" type="radio"' . ($default_align == 'center' ? ' checked="checked"' : '').' />
                                <label for="align-center" class="align image-align-center-label">' . __('Center') . '</label>
-                               <input name="align" id="align-right" value="alignright" onclick="addExtImage.align=this.value" type="radio" />
+                               <input name="align" id="align-right" value="right" onclick="addExtImage.align=\'align\'+this.value" type="radio"' . ($default_align == 'right' ? ' checked="checked"' : '').' />
                                <label for="align-right" class="align image-align-right-label">' . __('Right') . '</label>
                        </td>
                </tr>
 
                <tr>
                        <th valign="top" scope="row" class="label">
-                               <span class="alignleft"><label for="url">' . __('Link URL') . '</label></span>
+                               <span class="alignleft"><label for="url">' . __('Link Image To:') . '</label></span>
                        </th>
                        <td class="field"><input id="url" name="url" value="" type="text" /><br />
 
@@ -1323,19 +2139,20 @@ function type_form_image() {
                        <button type="button" class="button" value="" onclick="document.forms[0].url.value=document.forms[0].src.value">' . __('Link to image') . '</button>
                        <p class="help">' . __('Enter a link URL or click above for presets.') . '</p></td>
                </tr>
-
-               <tr>
-                       <td></td>
-                       <td>
-                               <input type="button" class="button" id="go_button" style="color:#bbb;" onclick="addExtImage.insert()" value="' . attribute_escape(__('Insert into Post')) . '" />
-                       </td>
-               </tr>
+       ' . _insert_into_post_button('image') . '
        </tbody></table>
 ';
 
 }
 
-function type_form_audio() {
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.7.0
+ *
+ * @return unknown
+ */
+function type_url_form_audio() {
        return '
        <table class="describe"><tbody>
                <tr>
@@ -1352,18 +2169,20 @@ function type_form_audio() {
                        </th>
                        <td class="field"><input id="insertonly[title]" name="insertonly[title]" value="" type="text" aria-required="true"></td>
                </tr>
-               <tr><td></td><td class="help">' . __('Link text, e.g. "Still Alive by Jonathan Coulton"') . '</td></tr>
-               <tr>
-                       <td></td>
-                       <td>
-                               <input type="submit" class="button" name="insertonlybutton" value="' . attribute_escape(__('Insert into Post')) . '" />
-                       </td>
-               </tr>
+               <tr><td></td><td class="help">' . __('Link text, e.g. &#8220;Still Alive by Jonathan Coulton&#8221;') . '</td></tr>
+       ' . _insert_into_post_button('audio') . '
        </tbody></table>
 ';
 }
 
-function type_form_video() {
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.7.0
+ *
+ * @return unknown
+ */
+function type_url_form_video() {
        return '
        <table class="describe"><tbody>
                <tr>
@@ -1380,18 +2199,20 @@ function type_form_video() {
                        </th>
                        <td class="field"><input id="insertonly[title]" name="insertonly[title]" value="" type="text" aria-required="true"></td>
                </tr>
-               <tr><td></td><td class="help">' . __('Link text, e.g. "Lucy on YouTube"') . '</td></tr>
-               <tr>
-                       <td></td>
-                       <td>
-                               <input type="submit" class="button" name="insertonlybutton" value="' . attribute_escape(__('Insert into Post')) . '" />
-                       </td>
-               </tr>
+               <tr><td></td><td class="help">' . __('Link text, e.g. &#8220;Lucy on YouTube&#8221;') . '</td></tr>
+       ' . _insert_into_post_button('video') . '
        </tbody></table>
 ';
 }
 
-function type_form_file() {
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.7.0
+ *
+ * @return unknown
+ */
+function type_url_form_file() {
        return '
        <table class="describe"><tbody>
                <tr>
@@ -1408,60 +2229,103 @@ function type_form_file() {
                        </th>
                        <td class="field"><input id="insertonly[title]" name="insertonly[title]" value="" type="text" aria-required="true"></td>
                </tr>
-               <tr><td></td><td class="help">' . __('Link text, e.g. "Ransom Demands (PDF)"') . '</td></tr>
+               <tr><td></td><td class="help">' . __('Link text, e.g. &#8220;Ransom Demands (PDF)&#8221;') . '</td></tr>
+       ' . _insert_into_post_button('file') . '
+       </tbody></table>
+';
+}
+
+
+function _insert_into_post_button($type) {
+       if ( !post_type_supports(get_post_type($_GET['post_id']), 'editor') )
+               return '';
+
+       if ( 'image' == $type )
+       return '
                <tr>
                        <td></td>
                        <td>
-                               <input type="submit" class="button" name="insertonlybutton" value="' . attribute_escape(__('Insert into Post')) . '" />
+                               <input type="button" class="button" id="go_button" style="color:#bbb;" onclick="addExtImage.insert()" value="' . esc_attr__('Insert into Post') . '" />
                        </td>
                </tr>
-       </tbody></table>
-';
+       ';
+
+       return '
+               <tr>
+                       <td></td>
+                       <td>
+                               ' . get_submit_button( __( 'Insert into Post' ), 'button', 'insertonlybutton', false ) . '
+                       </td>
+               </tr>
+       ';
 }
 
-// support a GET parameter for disabling the flash uploader
+/**
+ * {@internal Missing Short Description}}
+ *
+ * Support a GET parameter for disabling the flash uploader.
+ *
+ * @since 2.6.0
+ *
+ * @param unknown_type $flash
+ * @return unknown
+ */
 function media_upload_use_flash($flash) {
-        if ( array_key_exists('flash', $_REQUEST) )
-                $flash = !empty($_REQUEST['flash']);
-        return $flash;
+       if ( array_key_exists('flash', $_REQUEST) )
+               $flash = !empty($_REQUEST['flash']);
+       return $flash;
 }
 
 add_filter('flash_uploader', 'media_upload_use_flash');
 
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.6.0
+ */
 function media_upload_flash_bypass() {
-        echo '<p class="upload-flash-bypass">';
-        printf( __('You are using the Flash uploader.  Problems?  Try the <a href="%s">Browser uploader</a> instead.'), clean_url(add_query_arg('flash', 0)) );
-        echo '</p>';
+       echo '<p class="upload-flash-bypass">';
+       printf( __('You are using the Flash uploader.  Problems?  Try the <a href="%s">Browser uploader</a> instead.'), esc_url(add_query_arg('flash', 0)) );
+       echo '</p>';
 }
 
-add_action('post-flash-upload-ui', 'media_upload_flash_bypass');
-
-function media_upload_html_bypass() {
-        echo '<p class="upload-html-bypass">';
-        if ( array_key_exists('flash', $_REQUEST) )
-                // the user manually selected the browser uploader, so let them switch back to Flash
-                printf( __('You are using the Browser uploader.  Try the <a href="%s">Flash uploader</a> instead.'), clean_url(add_query_arg('flash', 1)) );
-        else
-                // the user probably doesn't have Flash
-                printf( __('You are using the Browser uploader.') );
-
-        echo '</p>';
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.6.0
+ */
+function media_upload_html_bypass($flash = true) {
+       echo '<p class="upload-html-bypass hide-if-no-js">';
+       _e('You are using the Browser uploader.');
+       if ( $flash ) {
+               // the user manually selected the browser uploader, so let them switch back to Flash
+               echo ' ';
+               printf( __('Try the <a href="%s">Flash uploader</a> instead.'), esc_url(add_query_arg('flash', 1)) );
+       }
+       echo "</p>\n";
 }
 
 add_action('post-flash-upload-ui', 'media_upload_flash_bypass');
 add_action('post-html-upload-ui', 'media_upload_html_bypass');
 
-// make sure the GET parameter sticks when we submit a form
+/**
+ * {@internal Missing Short Description}}
+ *
+ * Make sure the GET parameter sticks when we submit a form.
+ *
+ * @since 2.6.0
+ *
+ * @param unknown_type $url
+ * @return unknown
+ */
 function media_upload_bypass_url($url) {
-        if ( array_key_exists('flash', $_REQUEST) )
-                $url = add_query_arg('flash', intval($_REQUEST['flash']));
-        return $url;
+       if ( array_key_exists('flash', $_REQUEST) )
+               $url = add_query_arg('flash', intval($_REQUEST['flash']));
+       return $url;
 }
 
 add_filter('media_upload_form_url', 'media_upload_bypass_url');
 
-
-
 add_filter('async_upload_image', 'get_media_item', 10, 2);
 add_filter('async_upload_audio', 'get_media_item', 10, 2);
 add_filter('async_upload_video', 'get_media_item', 10, 2);
@@ -1475,5 +2339,3 @@ add_action('media_upload_file', 'media_upload_file');
 add_filter('media_upload_gallery', 'media_upload_gallery');
 
 add_filter('media_upload_library', 'media_upload_library');
-
-?>