Better nonces for inline uploading. Props mdawaffe. #2678
git-svn-id: http://svn.automattic.com/wordpress/trunk@3765 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
8bab10e90d
commit
25bf69a118
@ -3,3 +3,8 @@ addLoadEvent(function() {theList.dimComplete = function(what,id,dimClass) {
|
||||
if ( document.getElementById(what + '-' + id).className.match(dimClass) ) m.innerHTML = parseInt(m.innerHTML,10) + 1;
|
||||
else m.innerHTML = parseInt(m.innerHTML,10) - 1;
|
||||
}});
|
||||
addLoadEvent(function() {theList.dimComplete = function(what,id,dimClass) {
|
||||
var m = document.getElementById('awaitmod');
|
||||
if ( document.getElementById(what + '-' + id).className.match(dimClass) ) m.innerHTML = parseInt(m.innerHTML,10) + 1;
|
||||
else m.innerHTML = parseInt(m.innerHTML,10) - 1;
|
||||
}});
|
||||
|
@ -2,8 +2,6 @@
|
||||
|
||||
require_once('admin.php');
|
||||
|
||||
check_admin_referer('inlineuploading');
|
||||
|
||||
header('Content-Type: text/html; charset=' . get_option('blog_charset'));
|
||||
|
||||
if (!current_user_can('upload_files'))
|
||||
@ -36,16 +34,20 @@ break;
|
||||
|
||||
case 'delete':
|
||||
|
||||
check_admin_referer('inlineuploading');
|
||||
|
||||
if ( !current_user_can('edit_post', (int) $attachment) )
|
||||
die(__('You are not allowed to delete this attachment.').' <a href="'.basename(__FILE__)."?post=$post&all=$all&action=upload\">".__('Go back').'</a>');
|
||||
|
||||
wp_delete_attachment($attachment);
|
||||
|
||||
header("Location: ". wp_nonce_url(basename(__FILE__)."?post=$post&all=$all&action=view&start=$start", 'inlineuploading'));
|
||||
header("Location: " . basename(__FILE__) ."?post=$post&all=$all&action=view&start=$start");
|
||||
die;
|
||||
|
||||
case 'save':
|
||||
|
||||
check_admin_referer('inlineuploading');
|
||||
|
||||
$overrides = array('action'=>'save');
|
||||
|
||||
$file = wp_handle_upload($_FILES['image'], $overrides);
|
||||
@ -100,7 +102,7 @@ if ( preg_match('!^image/!', $attachment['post_mime_type']) ) {
|
||||
add_post_meta($id, '_wp_attachment_metadata', array());
|
||||
}
|
||||
|
||||
header("Location: ". wp_nonce_url(basename(__FILE__)."?post=$post&all=$all&action=view&start=0", 'inlineuploading'));
|
||||
header("Location: " . basename(__FILE__) . "?post=$post&all=$all&action=view&start=0");
|
||||
die();
|
||||
|
||||
case 'upload':
|
||||
@ -139,7 +141,7 @@ if ( '' == $sort )
|
||||
$attachments = $wpdb->get_results("SELECT ID, post_date, post_title, post_mime_type, guid FROM $wpdb->posts WHERE post_type = 'attachment' $and_type $and_post $and_user ORDER BY $sort LIMIT $start, $double", ARRAY_A);
|
||||
|
||||
if ( count($attachments) == 0 ) {
|
||||
header("Location: ". wp_nonce_url(basename(__FILE__)."?post=$post&action=upload", 'inlineuploading') );
|
||||
header("Location: " . basename(__FILE__) ."?post=$post&action=upload" );
|
||||
die;
|
||||
} elseif ( count($attachments) > $num ) {
|
||||
$next = $start + count($attachments) - $num;
|
||||
@ -213,7 +215,7 @@ var icon = new Array();
|
||||
</noscript>
|
||||
";
|
||||
$send_delete_cancel = "<a onclick=\"sendToEditor({$ID});return false;\" href=\"javascript:void()\">$__send_to_editor</a>
|
||||
<a onclick=\"return confirm('$__confirmdelete')\" href=\"".basename(__FILE__)."?action=delete&attachment={$ID}&all=$all&start=$start&post=$post\">$__delete</a>
|
||||
<a onclick=\"return confirm('$__confirmdelete')\" href=\"" . wp_nonce_url( basename(__FILE__) . "?action=delete&attachment={$ID}&all=$all&start=$start&post=$post", inlineuploading) . "\">$__delete</a>
|
||||
<a onclick=\"popup.style.display='none';return false;\" href=\"javascript:void()\">$__close</a>
|
||||
";
|
||||
$uwidth_sum += 128;
|
||||
@ -641,25 +643,25 @@ th {
|
||||
</head>
|
||||
<body>
|
||||
<ul id="upload-menu">
|
||||
<li<?php echo $current_1; ?>><a href="<?php echo basename(__FILE__); ?>?action=upload&post=<?php echo $post; ?>&all=<?php echo $all; ?>&start=<?php echo $start; ?>"><?php _e('Upload'); ?></a></li>
|
||||
<li<?php echo $current_1; ?>><a href="<?php echo basename(__FILE__) . "?action=upload&post=$post&all=$all&start=$start"; ?>"><?php _e('Upload'); ?></a></li>
|
||||
<?php if ( $attachments = $wpdb->get_results("SELECT ID FROM $wpdb->posts WHERE post_parent = '$post'") ) { ?>
|
||||
<li<?php echo $current_2; ?>><a href="<?php echo basename(__FILE__); ?>?action=view&post=<?php echo $post; ?>&all=false"><?php _e('Browse'); ?></a></li>
|
||||
<li<?php echo $current_2; ?>><a href="<?php echo basename(__FILE__) . "?action=view&post=$post&all=false"; ?>"><?php _e('Browse'); ?></a></li>
|
||||
<?php } ?>
|
||||
<?php if ($wpdb->get_var("SELECT count(ID) FROM $wpdb->posts WHERE post_type = 'attachment'")) { ?>
|
||||
<li<?php echo $current_3; ?>><a href="<?php echo basename(__FILE__); ?>?action=view&post=<?php echo $post; ?>&all=true"><?php _e('Browse All'); ?></a></li>
|
||||
<li<?php echo $current_3; ?>><a href="<?php echo basename(__FILE__) . "?action=view&post=$post&all=true"; ?>"><?php _e('Browse All'); ?></a></li>
|
||||
<?php } ?>
|
||||
<li> </li>
|
||||
<?php if ( $action == 'view' ) { ?>
|
||||
<?php if ( false !== $back ) : ?>
|
||||
<li class="spacer"><a href="<?php echo basename(__FILE__); ?>?action=<?php echo $action; ?>&post=<?php echo $post; ?>&all=<?php echo $all; ?>&start=0" title="<?php _e('First'); ?>">|«</a></li>
|
||||
<li><a href="<?php echo basename(__FILE__); ?>?action=<?php echo $action; ?>&post=<?php echo $post; ?>&all=<?php echo $all; ?>&start=<?php echo $back; ?>"">« <?php _e('Back'); ?></a></li>
|
||||
<li class="spacer"><a href="<?php echo basename(__FILE__) . "?action=$action&post=$post&all=$all&start=0"; ?>" title="<?php _e('First'); ?>">|«</a></li>
|
||||
<li><a href="<?php echo basename(__FILE__) . "?action=$action&post=$post&all=$all&start=$back"; ?>">« <?php _e('Back'); ?></a></li>
|
||||
<?php else : ?>
|
||||
<li class="inactive spacer">|«</li>
|
||||
<li class="inactive">« <?php _e('Back'); ?></li>
|
||||
<?php endif; ?>
|
||||
<?php if ( false !== $next ) : ?>
|
||||
<li><a href="<?php echo basename(__FILE__); ?>?action=<?php echo $action; ?>&post=<?php echo $post; ?>&all=<?php echo $all; ?>&start=<?php echo $next; ?>"><?php _e('Next »'); ?></a></li>
|
||||
<li><a href="<?php echo basename(__FILE__); ?>?action=<?php echo $action; ?>&post=<?php echo $post; ?>&all=<?php echo $all; ?>&last=true" title="<?php _e('Last'); ?>">»|</a></li>
|
||||
<li><a href="<?php echo basename(__FILE__) . "?action=$action&post=$post&all=$all&start=$next"; ?>"><?php _e('Next »'); ?></a></li>
|
||||
<li><a href="<?php echo basename(__FILE__) . "?action=$action&post=$post&all=$all&last=true"; ?>" title="<?php _e('Last'); ?>">»|</a></li>
|
||||
<?php else : ?>
|
||||
<li class="inactive"><?php _e('Next »'); ?></li>
|
||||
<li class="inactive">»|</li>
|
||||
@ -697,6 +699,7 @@ th {
|
||||
<input type="hidden" name="post" value="<?php echo $post; ?>" />
|
||||
<input type="hidden" name="all" value="<?php echo $all; ?>" />
|
||||
<input type="hidden" name="start" value="<?php echo $start; ?>" />
|
||||
<?php wp_nonce_field( 'inlineuploading' ); ?>
|
||||
<div id="submit">
|
||||
<input type="submit" value="<?php _e('Upload'); ?>" />
|
||||
<?php if ( !empty($all) ) : ?>
|
||||
|
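Review bot: The rewritten delete link in the `@ -213,7 +215,7` hunk passes the nonce action to `wp_nonce_url()` as the bare word `inlineuploading` instead of the quoted string `'inlineuploading'` that every other call in this commit uses (`check_admin_referer`, the three `header("Location: ...")` redirects and `wp_nonce_field`). PHP only turns that into the intended string through the undefined-constant fallback, emitting a notice, so the link's nonce matches the `check_admin_referer('inlineuploading')` in the `delete` case by accident and would silently break if a constant of that name were ever defined or the fallback were not available. The fix is to quote it: `wp_nonce_url( basename(__FILE__) . "?action=delete&attachment={$ID}&all=$all&start=$start&post=$post", 'inlineuploading' )`. Separately, `$post`, `$all`, `$start` and `$action` are still interpolated unescaped into these href attributes; if they are not sanitised before this point (not visible here), an `attribute_escape`-style wrapper on each would be worth adding. The code enclosing the `$send_delete_cancel` assignment begins and ends outside the hunk.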