* @subpackage Administration
*/
+if ( ! isset( $_GET['inline'] ) )
+ define( 'IFRAME_REQUEST' , true );
+
/** Load WordPress Administration Bootstrap */
-require_once('admin.php');
+require_once('./admin.php');
if (!current_user_can('upload_files'))
wp_die(__('You do not have permission to upload files.'));
-wp_enqueue_script('swfupload-all');
-wp_enqueue_script('swfupload-handlers');
+wp_enqueue_script('plupload-handlers');
+wp_enqueue_script('image-edit');
+wp_enqueue_script('set-post-thumbnail' );
+wp_enqueue_style('imgareaselect');
+wp_enqueue_script( 'media-gallery' );
@header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
// Require an ID for the edit screen
if ( isset($action) && $action == 'edit' && !$ID )
- wp_die(__("You are not allowed to be here"));
-
-if ( isset($_GET['inline']) ) {
-
- if ( isset($_GET['upload-page-form']) ) {
- $errors = media_upload_form_handler();
-
- $location = 'upload.php';
- if ( $errors )
- $location .= '?message=3';
-
- wp_redirect( admin_url($location) );
- }
-
- if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
- // Upload File button was clicked
- $id = media_handle_upload('async-upload', $_REQUEST['post_id']);
- unset($_FILES);
- if ( is_wp_error($id) ) {
- $errors['upload_error'] = $id;
- $id = false;
- }
- }
-
- $title = __('Upload New Media');
- $parent_file = 'upload.php';
- require_once('admin-header.php'); ?>
- <div class="wrap">
- <?php screen_icon(); ?>
- <h2><?php echo esc_html( $title ); ?></h2>
-
- <form enctype="multipart/form-data" method="post" action="media-upload.php?inline=&upload-page-form=" class="media-upload-form type-form validate" id="file-form">
-
- <?php media_upload_form(); ?>
-
- <script type="text/javascript">
- jQuery(function($){
- var preloaded = $(".media-item.preloaded");
- if ( preloaded.length > 0 ) {
- preloaded.each(function(){prepareMediaItem({id:this.id.replace(/[^0-9]/g, '')},'');});
- }
- updateMediaForm();
- post_id = 0;
- shortform = 1;
- });
- </script>
- <input type="hidden" name="post_id" id="post_id" value="0" />
- <?php wp_nonce_field('media-form'); ?>
- <div id="media-items"> </div>
- <p>
- <input type="submit" class="button savebutton" name="save" value="<?php esc_attr_e( 'Save all changes' ); ?>" />
- </p>
- </form>
- </div>
-
-<?php
- include('admin-footer.php');
+ wp_die( __( 'Cheatin’ uh?' ) );
-} else {
+ if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post' , $_REQUEST['post_id'] ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
// upload type: image, video, file, ..?
if ( isset($_GET['type']) )
$body_id = 'media-upload';
// let the action code decide how to handle the request
- if ( $tab == 'type' || $tab == 'type_url' )
+ if ( $tab == 'type' || $tab == 'type_url' || ! array_key_exists( $tab , media_upload_tabs() ) )
do_action("media_upload_$type");
else
do_action("media_upload_$tab");
-}
-?>