X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/449d082fcc4873c1f7d363a0d9f7409be7f6e77d..88550bc3400cc7c035ff590ecb007c7938041ded:/wp-admin/media-upload.php

diff --git a/wp-admin/media-upload.php b/wp-admin/media-upload.php
index 9ba2268f..5c769e01 100644
--- a/wp-admin/media-upload.php
+++ b/wp-admin/media-upload.php
@@ -9,16 +9,20 @@
  * @subpackage Administration
  */
 
+if ( ! isset( $_GET['inline'] ) )
+	define( 'IFRAME_REQUEST' , true );
+
 /** Load WordPress Administration Bootstrap */
-require_once('admin.php');
+require_once( dirname( __FILE__ ) . '/admin.php' );
 
 if (!current_user_can('upload_files'))
 	wp_die(__('You do not have permission to upload files.'));
 
-wp_enqueue_script('swfupload');
-wp_enqueue_script('swfupload-swfobject');
-wp_enqueue_script('swfupload-queue');
-wp_enqueue_script('swfupload-handlers');
+wp_enqueue_script('plupload-handlers');
+wp_enqueue_script('image-edit');
+wp_enqueue_script('set-post-thumbnail' );
+wp_enqueue_style('imgareaselect');
+wp_enqueue_script( 'media-gallery' );
 
 @header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
 
@@ -26,86 +30,71 @@ wp_enqueue_script('swfupload-handlers');
 $ID = isset($ID) ? (int) $ID : 0;
 $post_id = isset($post_id)? (int) $post_id : 0;
 
-// Require an ID for the edit screen
+// Require an ID for the edit screen.
 if ( isset($action) && $action == 'edit' && !$ID )
-	wp_die(__("You are not allowed to be here"));
-
-if ( isset($_GET['inline']) ) {
-
-	if ( isset($_GET['upload-page-form']) ) {
-		$errors = media_upload_form_handler();
-
-		$location = 'upload.php';
-		if ( $errors )
-			$location .= '?message=3';
-
-		wp_redirect( admin_url($location) );
-	}
-
-	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
-		// Upload File button was clicked
-		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
-		unset($_FILES);
-		if ( is_wp_error($id) ) {
-			$errors['upload_error'] = $id;
-			$id = false;
-		}
-	}
-
-	$title = __('Upload New Media');
-	$parent_file = 'upload.php';
-	require_once('admin-header.php'); ?>
-	<div class="wrap">
-	<?php screen_icon(); ?>
-	<h2><?php echo wp_specialchars( $title ); ?></h2>
+	wp_die( __( 'Cheatin&#8217; uh?' ), 403 );
 
-	<form enctype="multipart/form-data" method="post" action="media-upload.php?inline=&amp;upload-page-form=" class="media-upload-form type-form validate" id="file-form">
+	if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post' , $_REQUEST['post_id'] ) )
+		wp_die( __( 'Cheatin&#8217; uh?' ), 403 );
 
-	<?php media_upload_form(); ?>
-
-	<script type="text/javascript">
-	jQuery(function($){
-		var preloaded = $(".media-item.preloaded");
-		if ( preloaded.length > 0 ) {
-			preloaded.each(function(){prepareMediaItem({id:this.id.replace(/[^0-9]/g, '')},'');});
-		}
-		updateMediaForm();
-		post_id = 0;
-		shortform = 1;
-	});
-	</script>
-	<input type="hidden" name="post_id" id="post_id" value="0" />
-	<?php wp_nonce_field('media-form'); ?>
-	<div id="media-items"> </div>
-	<p>
-	<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" />
-	</p>
-	</form>
-	</div>
-
-<?php
-	include('admin-footer.php');
-
-} else {
-
-	// upload type: image, video, file, ..?
-	if ( isset($_GET['type']) )
+	// Upload type: image, video, file, ..?
+	if ( isset($_GET['type']) ) {
 		$type = strval($_GET['type']);
-	else
-		$type = apply_filters('media_upload_default_type', 'file');
+	} else {
+		/**
+		 * Filter the default media upload type in the legacy (pre-3.5.0) media popup.
+		 *
+		 * @since 2.5.0
+		 *
+		 * @param string $type The default media upload type. Possible values include
+		 *                     'image', 'audio', 'video', 'file', etc. Default 'file'.
+		 */
+		$type = apply_filters( 'media_upload_default_type', 'file' );
+	}
 
-	// tab: gallery, library, or type-specific
-	if ( isset($_GET['tab']) )
+	// Tab: gallery, library, or type-specific.
+	if ( isset($_GET['tab']) ) {
 		$tab = strval($_GET['tab']);
-	else
-		$tab = apply_filters('media_upload_default_tab', 'type');
+	} else {
+		/**
+		 * Filter the default tab in the legacy (pre-3.5.0) media popup.
+		 *
+		 * @since 2.5.0
+		 *
+		 * @param string $type The default media popup tab. Default 'type' (From Computer).
+		 */
+		$tab = apply_filters( 'media_upload_default_tab', 'type' );
+	}
 
 	$body_id = 'media-upload';
 
-	// let the action code decide how to handle the request
-	if ( $tab == 'type' || $tab == 'type_url' )
-		do_action("media_upload_$type");
-	else
-		do_action("media_upload_$tab");
-}
-?>
+	// Let the action code decide how to handle the request.
+	if ( $tab == 'type' || $tab == 'type_url' || ! array_key_exists( $tab , media_upload_tabs() ) ) {
+		/**
+		 * Fires inside specific upload-type views in the legacy (pre-3.5.0)
+		 * media popup based on the current tab.
+		 *
+		 * The dynamic portion of the hook name, `$type`, refers to the specific
+		 * media upload type. Possible values include 'image', 'audio', 'video',
+		 * 'file', etc.
+		 *
+		 * The hook only fires if the current `$tab` is 'type' (From Computer),
+		 * 'type_url' (From URL), or, if the tab does not exist (i.e., has not
+		 * been registered via the {@see 'media_upload_tabs'} filter.
+		 *
+		 * @since 2.5.0
+		 */
+		do_action( "media_upload_$type" );
+	} else {
+		/**
+		 * Fires inside limited and specific upload-tab views in the legacy
+		 * (pre-3.5.0) media popup.
+		 *
+		 * The dynamic portion of the hook name, `$tab`, refers to the specific
+		 * media upload tab. Possible values include 'library' (Media Library),
+		 * or any custom tab registered via the {@see 'media_upload_tabs'} filter.
+		 *
+		 * @since 2.5.0
+		 */
+		do_action( "media_upload_$tab" );
+	}