X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/699231ae09f7057a4d0000cdf32e50a3df6a04ca..b137f4ce021b4022c56f452c2eafa7abfcef0a7c:/wp-admin/includes/media.php
diff --git a/wp-admin/includes/media.php b/wp-admin/includes/media.php
index 405ca9f2..99deac5a 100644
--- a/wp-admin/includes/media.php
+++ b/wp-admin/includes/media.php
@@ -9,7 +9,7 @@
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @return unknown
*/
@@ -27,7 +27,7 @@ function media_upload_tabs() {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @param unknown_type $tabs
* @return unknown
@@ -59,7 +59,7 @@ add_filter('media_upload_tabs', 'update_gallery_tab');
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*/
function the_media_upload_tabs() {
global $redir_tab;
@@ -89,7 +89,7 @@ function the_media_upload_tabs() {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @param unknown_type $id
* @param unknown_type $alt
@@ -117,7 +117,7 @@ function get_image_send_to_editor($id, $caption, $title, $align, $url='', $rel =
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.6.0
*
* @param unknown_type $html
* @param unknown_type $id
@@ -140,6 +140,11 @@ function image_add_caption( $html, $id, $caption, $title, $align, $url, $size, $
$width = $matches[1];
+ $caption = str_replace( array( '>', '<', '"', "'" ),
+ array( '>', '<', '"', ''' ),
+ $caption
+ );
+
$html = preg_replace( '/(class=["\'][^\'"]*)align(none|left|right|center)\s?/', '$1', $html );
if ( empty($align) )
$align = 'none';
@@ -154,7 +159,7 @@ add_filter( 'image_send_to_editor', 'image_add_caption', 20, 8 );
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @param unknown_type $html
*/
@@ -175,7 +180,7 @@ win.send_to_editor('');
*
* This handles the file upload POST itself, creating the attachment post.
*
- * @since unknown
+ * @since 2.5.0
*
* @param string $file_id Index into the {@link $_FILES} array of the upload
* @param int $post_id The post ID the media is associated with
@@ -223,6 +228,10 @@ function media_handle_upload($file_id, $post_id, $post_data = array(), $override
'post_content' => $content,
), $post_data );
+ // This should never be set as it would then overwrite an existing attachment.
+ if ( isset( $attachment['ID'] ) )
+ unset( $attachment['ID'] );
+
// Save the data
$id = wp_insert_attachment($attachment, $file, $post_id);
if ( !is_wp_error($id) ) {
@@ -234,15 +243,15 @@ function media_handle_upload($file_id, $post_id, $post_data = array(), $override
}
/**
- * {@internal Missing Short Description}}
+ * This handles a sideloaded file in the same way as an uploaded file is handled by {@link media_handle_upload()}
*
- * @since unknown
+ * @since 2.6.0
*
- * @param unknown_type $file_array
- * @param unknown_type $post_id
- * @param unknown_type $desc
- * @param unknown_type $post_data
- * @return unknown
+ * @param array $file_array Array similar to a {@link $_FILES} upload array
+ * @param int $post_id The post ID the media is associated with
+ * @param string $desc Description of the sideloaded file
+ * @param array $post_data allows you to overwrite some of the attachment
+ * @return int|object The ID of the attachment or a WP_Error on failure
*/
function media_handle_sideload($file_array, $post_id, $desc = null, $post_data = array()) {
$overrides = array('test_form'=>false);
@@ -265,7 +274,7 @@ function media_handle_sideload($file_array, $post_id, $desc = null, $post_data =
$content = $image_meta['caption'];
}
- $title = @$desc;
+ $title = isset($desc) ? $desc : '';
// Construct the attachment array
$attachment = array_merge( array(
@@ -276,12 +285,15 @@ function media_handle_sideload($file_array, $post_id, $desc = null, $post_data =
'post_content' => $content,
), $post_data );
+ // This should never be set as it would then overwrite an existing attachment.
+ if ( isset( $attachment['ID'] ) )
+ unset( $attachment['ID'] );
+
// Save the attachment metadata
$id = wp_insert_attachment($attachment, $file, $post_id);
- if ( !is_wp_error($id) ) {
+ if ( !is_wp_error($id) )
wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) );
- return $url;
- }
+
return $id;
}
@@ -291,7 +303,7 @@ function media_handle_sideload($file_array, $post_id, $desc = null, $post_data =
* Wrap iframe content (produced by $content_func) in a doctype, html head/body
* etc any additional function args will be passed to content_func.
*
- * @since unknown
+ * @since 2.5.0
*
* @param unknown_type $content_func
*/
@@ -307,7 +319,8 @@ wp_enqueue_style( 'global' );
wp_enqueue_style( 'wp-admin' );
wp_enqueue_style( 'colors' );
// Check callback name for 'media'
-if ( ( is_array( $content_func ) && ! empty( $content_func[1] ) && 0 === strpos( (string) $content_func[1], 'media' ) ) || 0 === strpos( $content_func, 'media' ) )
+if ( ( is_array( $content_func ) && ! empty( $content_func[1] ) && 0 === strpos( (string) $content_func[1], 'media' ) )
+ || ( ! is_array( $content_func ) && 0 === strpos( $content_func, 'media' ) ) )
wp_enqueue_style( 'media' );
wp_enqueue_style( 'ie' );
?>
@@ -315,7 +328,8 @@ wp_enqueue_style( 'ie' );
//','uid':'ID; ?>','time':''};
-var ajaxurl = '', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup';
+var ajaxurl = '', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup',
+isRtl = ;
//]]>
![$title](" . esc_url( admin_url( $icon ) ) . ")
";
+ return "";
}
function get_upload_iframe_src($type) {
@@ -397,7 +411,7 @@ function get_upload_iframe_src($type) {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @return unknown
*/
@@ -413,6 +427,11 @@ function media_upload_form_handler() {
if ( !empty($_POST['attachments']) ) foreach ( $_POST['attachments'] as $attachment_id => $attachment ) {
$post = $_post = get_post($attachment_id, ARRAY_A);
+ $post_type_object = get_post_type_object( $post[ 'post_type' ] );
+
+ if ( !current_user_can( $post_type_object->cap->edit_post, $attachment_id ) )
+ continue;
+
if ( isset($attachment['post_content']) )
$post['post_content'] = $attachment['post_content'];
if ( isset($attachment['post_title']) )
@@ -484,7 +503,7 @@ function media_upload_form_handler() {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @return unknown
*/
@@ -493,6 +512,7 @@ function media_upload_image() {
$id = 0;
if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+ check_admin_referer('media-form');
// Upload File button was clicked
$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
unset($_FILES);
@@ -541,19 +561,19 @@ function media_upload_image() {
}
/**
- * {@internal Missing Short Description}}
+ * Download an image from the specified URL and attach it to a post.
*
- * @since unknown
+ * @since 2.6.0
*
- * @param unknown_type $file
- * @param unknown_type $post_id
- * @param unknown_type $desc
- * @return unknown
+ * @param string $file The URL of the image to download
+ * @param int $post_id The post ID the media is to be associated with
+ * @param string $desc Optional. Description of the image
+ * @return string|WP_Error Populated HTML img tag on success
*/
function media_sideload_image($file, $post_id, $desc = null) {
- if (!empty($file) ) {
+ if ( ! empty($file) ) {
// Download file to temp location
- $tmp = download_url($file);
+ $tmp = download_url( $file );
// Set variables for storage
// fix file filename for query strings
@@ -562,25 +582,25 @@ function media_sideload_image($file, $post_id, $desc = null) {
$file_array['tmp_name'] = $tmp;
// If error storing temporarily, unlink
- if ( is_wp_error($tmp) ) {
+ if ( is_wp_error( $tmp ) ) {
@unlink($file_array['tmp_name']);
$file_array['tmp_name'] = '';
}
// do the validation and storage stuff
- $id = media_handle_sideload($file_array, $post_id, @$desc);
- $src = $id;
-
+ $id = media_handle_sideload( $file_array, $post_id, $desc );
// If error storing permanently, unlink
if ( is_wp_error($id) ) {
@unlink($file_array['tmp_name']);
return $id;
}
+
+ $src = wp_get_attachment_url( $id );
}
// Finally check to make sure the file has been saved, then return the html
- if ( !empty($src) ) {
- $alt = @$desc;
+ if ( ! empty($src) ) {
+ $alt = isset($desc) ? esc_attr($desc) : '';
$html = "
";
return $html;
}
@@ -589,7 +609,7 @@ function media_sideload_image($file, $post_id, $desc = null) {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @return unknown
*/
@@ -598,6 +618,7 @@ function media_upload_audio() {
$id = 0;
if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+ check_admin_referer('media-form');
// Upload File button was clicked
$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
unset($_FILES);
@@ -647,7 +668,7 @@ function media_upload_audio() {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @return unknown
*/
@@ -656,6 +677,7 @@ function media_upload_video() {
$id = 0;
if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+ check_admin_referer('media-form');
// Upload File button was clicked
$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
unset($_FILES);
@@ -705,7 +727,7 @@ function media_upload_video() {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @return unknown
*/
@@ -714,6 +736,7 @@ function media_upload_file() {
$id = 0;
if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+ check_admin_referer('media-form');
// Upload File button was clicked
$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
unset($_FILES);
@@ -760,7 +783,7 @@ function media_upload_file() {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @return unknown
*/
@@ -783,7 +806,7 @@ function media_upload_gallery() {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @return unknown
*/
@@ -804,7 +827,7 @@ function media_upload_library() {
/**
* Retrieve HTML for the image alignment radio buttons with the specified one checked.
*
- * @since unknown
+ * @since 2.7.0
*
* @param unknown_type $post
* @param unknown_type $checked
@@ -832,10 +855,10 @@ function image_align_input_fields( $post, $checked = '' ) {
/**
* Retrieve HTML for the size radio buttons with the specified one checked.
*
- * @since unknown
+ * @since 2.7.0
*
* @param unknown_type $post
- * @param unknown_type $checked
+ * @param unknown_type $check
* @return unknown
*/
function image_size_input_fields( $post, $check = '' ) {
@@ -887,7 +910,7 @@ function image_size_input_fields( $post, $check = '' ) {
/**
* Retrieve HTML for the Link URL buttons with the default link type as specified.
*
- * @since unknown
+ * @since 2.7.0
*
* @param unknown_type $post
* @param unknown_type $url_type
@@ -918,7 +941,7 @@ function image_link_input_fields($post, $url_type = '') {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @param unknown_type $form_fields
* @param unknown_type $post
@@ -957,7 +980,7 @@ add_filter('attachment_fields_to_edit', 'image_attachment_fields_to_edit', 10, 2
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @param unknown_type $form_fields
* @param unknown_type $post
@@ -968,6 +991,15 @@ function media_single_attachment_fields_to_edit( $form_fields, $post ) {
return $form_fields;
}
+/**
+ * {@internal Missing Short Description}}
+ *
+ * @since 2.8.0
+ *
+ * @param unknown_type $form_fields
+ * @param unknown_type $post
+ * @return unknown
+ */
function media_post_single_attachment_fields_to_edit( $form_fields, $post ) {
unset($form_fields['image_url']);
return $form_fields;
@@ -976,7 +1008,7 @@ function media_post_single_attachment_fields_to_edit( $form_fields, $post ) {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @param unknown_type $post
* @param unknown_type $attachment
@@ -998,7 +1030,7 @@ add_filter('attachment_fields_to_save', 'image_attachment_fields_to_save', 10, 2
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @param unknown_type $html
* @param unknown_type $attachment_id
@@ -1025,7 +1057,7 @@ add_filter('media_send_to_editor', 'image_media_send_to_editor', 10, 3);
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @param unknown_type $post
* @param unknown_type $errors
@@ -1079,6 +1111,8 @@ function get_attachment_fields_to_edit($post, $errors = null) {
foreach ( get_attachment_taxonomies($post) as $taxonomy ) {
$t = (array) get_taxonomy($taxonomy);
+ if ( ! $t['public'] )
+ continue;
if ( empty($t['label']) )
$t['label'] = $taxonomy;
if ( empty($t['args']) )
@@ -1113,7 +1147,7 @@ function get_attachment_fields_to_edit($post, $errors = null) {
* component. Will also create link for showing and hiding the form to modify
* the image attachment.
*
- * @since unknown
+ * @since 2.5.0
*
* @param int $post_id Optional. Post ID.
* @param array $errors Errors for attachment, if any.
@@ -1147,7 +1181,7 @@ function get_media_items( $post_id, $errors ) {
/**
* Retrieve HTML form for modifying the image attachment.
*
- * @since unknown
+ * @since 2.5.0
*
* @param int $attachment_id Attachment ID for modification.
* @param string|array $args Optional. Override defaults.
@@ -1163,14 +1197,15 @@ function get_media_item( $attachment_id, $args = null ) {
$post = get_post( $attachment_id );
- $default_args = array( 'errors' => null, 'send' => post_type_supports(get_post_type($post->post_parent), 'editor'), 'delete' => true, 'toggle' => true, 'show_title' => true );
+ $default_args = array( 'errors' => null, 'send' => $post->post_parent ? post_type_supports( get_post_type( $post->post_parent ), 'editor' ) : true, 'delete' => true, 'toggle' => true, 'show_title' => true );
$args = wp_parse_args( $args, $default_args );
+ $args = apply_filters( 'get_media_item_args', $args );
extract( $args, EXTR_SKIP );
$toggle_on = __( 'Show' );
$toggle_off = __( 'Hide' );
- $filename = basename( $post->guid );
+ $filename = esc_html( basename( $post->guid ) );
$title = esc_attr( $post->post_title );
if ( $_tags = get_the_tags( $attachment_id ) ) {
@@ -1265,7 +1300,7 @@ function get_media_item( $attachment_id, $args = null ) {
);
if ( $send )
- $send = "";
+ $send = get_submit_button( __( 'Insert into Post' ), 'button', "send[$attachment_id]", false );
if ( $delete && current_user_can( 'delete_post', $attachment_id ) ) {
if ( !EMPTY_TRASH_DAYS ) {
$delete = "" . __( 'Delete Permanently' ) . '';
@@ -1300,7 +1335,7 @@ function get_media_item( $attachment_id, $args = null ) {
$hidden_fields = array();
foreach ( $form_fields as $id => $field ) {
- if ( $id{0} == '_' )
+ if ( $id[0] == '_' )
continue;
if ( !empty( $field['tr'] ) ) {
@@ -1325,7 +1360,10 @@ function get_media_item( $attachment_id, $args = null ) {
if ( !empty( $field[ $field['input'] ] ) )
$item .= $field[ $field['input'] ];
elseif ( $field['input'] == 'textarea' ) {
- $item .= "';
+ if ( user_can_richedit() ) { // textarea_escaped when user_can_richedit() = false
+ $field['value'] = esc_textarea( $field['value'] );
+ }
+ $item .= "';
} else {
$item .= "";
}
@@ -1369,7 +1407,7 @@ function get_media_item( $attachment_id, $args = null ) {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*/
function media_upload_header() {
?>
@@ -1383,12 +1421,12 @@ function media_upload_header() {
/**
* {@internal Missing Short Description}}
*
- * @since unknown
+ * @since 2.5.0
*
* @param unknown_type $errors
*/
function media_upload_form( $errors = null ) {
- global $type, $tab;
+ global $type, $tab, $pagenow;
$flash_action_url = admin_url('async-upload.php');
@@ -1440,7 +1478,36 @@ if ( is_multisite() && !is_upload_space_available() ) {
do_action('pre-upload-ui');
-if ( $flash ) : ?>
+if ( $flash ) :
+
+// Set the post params, which SWFUpload will post back with the file, and pass
+// them through a filter.
+$post_params = array(
+ "post_id" => $post_id,
+ "auth_cookie" => (is_ssl() ? $_COOKIE[SECURE_AUTH_COOKIE] : $_COOKIE[AUTH_COOKIE]),
+ "logged_in_cookie" => $_COOKIE[LOGGED_IN_COOKIE],
+ "_wpnonce" => wp_create_nonce('media-form'),
+ "type" => $type,
+ "tab" => $tab,
+ "short" => "1",
+);
+$post_params = apply_filters( 'swfupload_post_params', $post_params );
+$p = array();
+foreach ( $post_params as $param => $val )
+ $p[] = "\t\t'$param' : '$val'";
+$post_params_str = implode( ", \n", $p );
+
+// #8545. wmode=transparent cannot be used with SWFUpload
+if ( 'media-new.php' == $pagenow ) {
+ $upload_image_path = get_user_option( 'admin_color' );
+ if ( 'classic' != $upload_image_path )
+ $upload_image_path = 'fresh';
+ $upload_image_path = admin_url( 'images/upload-' . $upload_image_path . '.png?ver=20101205' );
+} else {
+ $upload_image_path = includes_url( 'images/upload.png?ver=20100531' );
+}
+
+?>