1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
<?php
/**
* Server-side file upload handler from wp-plupload or other asynchronous upload methods.
*
* @package WordPress
* @subpackage Administration
*/
if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) {
define( 'DOING_AJAX', true );
}
if ( ! defined( 'WP_ADMIN' ) ) {
define( 'WP_ADMIN', true );
}
if ( defined( 'ABSPATH' ) ) {
require_once ABSPATH . 'wp-load.php';
} else {
require_once dirname( __DIR__ ) . '/wp-load.php';
}
require_once ABSPATH . 'wp-admin/admin.php';
header( 'Content-Type: text/plain; charset=' . get_option( 'blog_charset' ) );
if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) {
require ABSPATH . 'wp-admin/includes/ajax-actions.php';
send_nosniff_header();
nocache_headers();
wp_ajax_upload_attachment();
die( '0' );
}
if ( ! current_user_can( 'upload_files' ) ) {
wp_die( __( 'Sorry, you are not allowed to upload files.' ) );
}
// Just fetch the detail form for that attachment.
if ( isset( $_REQUEST['attachment_id'] ) && (int) $_REQUEST['attachment_id'] && $_REQUEST['fetch'] ) {
$id = (int) $_REQUEST['attachment_id'];
$post = get_post( $id );
if ( 'attachment' !== $post->post_type ) {
wp_die( __( 'Invalid post type.' ) );
}
switch ( $_REQUEST['fetch'] ) {
case 3:
$thumb_url = wp_get_attachment_image_src( $id, 'thumbnail', true );
if ( $thumb_url ) {
echo '<img class="pinkynail" src="' . esc_url( $thumb_url[0] ) . '" alt="" />';
}
if ( current_user_can( 'edit_post', $id ) ) {
echo '<a class="edit-attachment" href="' . esc_url( get_edit_post_link( $id ) ) . '" target="_blank">' . _x( 'Edit', 'media item' ) . '</a>';
} else {
echo '<span class="edit-attachment">' . _x( 'Success', 'media item' ) . '</span>';
}
// Title shouldn't ever be empty, but use filename just in case.
$file = get_attached_file( $post->ID );
$title = $post->post_title ? $post->post_title : wp_basename( $file );
echo '<div class="filename new"><span class="title">' . esc_html( wp_html_excerpt( $title, 60, '…' ) ) . '</span></div>';
break;
case 2:
add_filter( 'attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2 );
echo get_media_item(
$id,
array(
'send' => false,
'delete' => true,
)
);
break;
default:
add_filter( 'attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2 );
echo get_media_item( $id );
break;
}
exit;
}
check_admin_referer( 'media-form' );
$post_id = 0;
if ( isset( $_REQUEST['post_id'] ) ) {
$post_id = absint( $_REQUEST['post_id'] );
if ( ! get_post( $post_id ) || ! current_user_can( 'edit_post', $post_id ) ) {
$post_id = 0;
}
}
$id = media_handle_upload( 'async-upload', $post_id );
if ( is_wp_error( $id ) ) {
printf(
'<div class="error-div error">%s <strong>%s</strong><br />%s</div>',
sprintf(
'<button type="button" class="dismiss button-link" onclick="jQuery(this).parents(\'div.media-item\').slideUp(200, function(){jQuery(this).remove();});">%s</button>',
__( 'Dismiss' )
),
sprintf(
/* translators: %s: Name of the file that failed to upload. */
__( '“%s” has failed to upload.' ),
esc_html( $_FILES['async-upload']['name'] )
),
esc_html( $id->get_error_message() )
);
exit;
}
if ( $_REQUEST['short'] ) {
// Short form response - attachment ID only.
echo $id;
} else {
// Long form response - big chunk of HTML.
$type = $_REQUEST['type'];
/**
* Filters the returned ID of an uploaded attachment.
*
* The dynamic portion of the hook name, `$type`, refers to the attachment type,
* such as 'image', 'audio', 'video', 'file', etc.
*
* @since 2.5.0
*
* @param int $id Uploaded attachment ID.
*/
echo apply_filters( "async_upload_{$type}", $id );
}
|