X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/a5227bf01edbe6660486c9f5c0f0ed7b7fea3130..refs/tags/wordpress-3.4:/wp-admin/media-upload.php
diff --git a/wp-admin/media-upload.php b/wp-admin/media-upload.php
index fc3bf325..6246176b 100644
--- a/wp-admin/media-upload.php
+++ b/wp-admin/media-upload.php
@@ -9,17 +9,20 @@
* @subpackage Administration
*/
+if ( ! isset( $_GET['inline'] ) )
+ define( 'IFRAME_REQUEST' , true );
+
/** Load WordPress Administration Bootstrap */
require_once('./admin.php');
if (!current_user_can('upload_files'))
wp_die(__('You do not have permission to upload files.'));
-wp_enqueue_script('swfupload-all');
-wp_enqueue_script('swfupload-handlers');
+wp_enqueue_script('plupload-handlers');
wp_enqueue_script('image-edit');
wp_enqueue_script('set-post-thumbnail' );
wp_enqueue_style('imgareaselect');
+wp_enqueue_script( 'media-gallery' );
@header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
@@ -29,11 +32,14 @@ $post_id = isset($post_id)? (int) $post_id : 0;
// Require an ID for the edit screen
if ( isset($action) && $action == 'edit' && !$ID )
- wp_die(__("You are not allowed to be here"));
+ wp_die( __( 'Cheatin’ uh?' ) );
if ( isset($_GET['inline']) ) {
$errors = array();
+ if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post' , $_REQUEST['post_id'] ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
+
if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
check_admin_referer('media-form');
// Upload File button was clicked
@@ -53,25 +59,44 @@ if ( isset($_GET['inline']) ) {
$location .= '?message=3';
wp_redirect( admin_url($location) );
+ exit;
}
+ if ( isset( $_REQUEST['post_id'] ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
+
$title = __('Upload New Media');
$parent_file = 'upload.php';
-
- add_contextual_help( $current_screen,
-'' . __('You can upload media files here without creating a post first. This allows you to upload files to use with posts and pages later and/or to get a web link for a particular file that you can share.') . '
' .
- '' . __('There are two options for uploading files: Select Files will open the Flash-based uploader (multiple file upload allowed), or you can use the Browser Uploader. Clicking Select Files opens a navigation window showing you files in your operating system. Selecting Open after clicking on the file you want activates a progress bar on the uploader screen. Basic image editing is available after upload is complete. Make sure you click Save before leaving this screen.') . '
' .
+ get_current_screen()->add_help_tab( array(
+ 'id' => 'overview',
+ 'title' => __('Overview'),
+ 'content' =>
+ '' . __('You can upload media files here without creating a post first. This allows you to upload files to use with posts and pages later and/or to get a web link for a particular file that you can share. There are three options for uploading files:') . '
' .
+ '' .
+ '- ' . __('Drag and drop your files into the area below. Multiple files are allowed.') . '
' .
+ '- ' . __('Clicking Select Files opens a navigation window showing you files in your operating system. Selecting Open after clicking on the file you want activates a progress bar on the uploader screen.') . '
' .
+ '- ' . __('Revert to the Browser Uploader by clicking the link below the drag and drop box.') . '
' .
+ '
' .
+ '' . __('Basic image editing is available after upload is complete. Make sure you click Save before leaving this screen.') . '
'
+ ) );
+ get_current_screen()->set_help_sidebar(
'' . __('For more information:') . '
' .
- '' . __('Documentation on Uploading Media Files') . '
' .
+ '' . __('Documentation on Uploading Media Files') . '
' .
'' . __('Support Forums') . '
'
);
- require_once('./admin-header.php'); ?>
+ require_once('./admin-header.php');
+
+ $form_class = 'media-upload-form type-form validate';
+
+ if ( get_user_setting('uploader') )
+ $form_class .= ' html-uploader';
+ ?>
@@ -99,6 +122,8 @@ if ( isset($_GET['inline']) ) {
include('./admin-footer.php');
} else {
+ if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post' , $_REQUEST['post_id'] ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
// upload type: image, video, file, ..?
if ( isset($_GET['type']) )
@@ -115,9 +140,8 @@ if ( isset($_GET['inline']) ) {
$body_id = 'media-upload';
// let the action code decide how to handle the request
- if ( $tab == 'type' || $tab == 'type_url' )
+ if ( $tab == 'type' || $tab == 'type_url' || ! array_key_exists( $tab , media_upload_tabs() ) )
do_action("media_upload_$type");
else
do_action("media_upload_$tab");
}
-?>