mirror of
https://github.com/WordPress/WordPress.git
synced 2024-12-22 17:18:32 +01:00
Check the user before overwriting the attachment. Props xknown and Joseph Scott. fixes #4422
git-svn-id: http://svn.automattic.com/wordpress/trunk@5671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
64b91fc94b
commit
d84178acd7
30
xmlrpc.php
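--- a/xmlrpc.php
+++ b/xmlrpc.php
@@ -1429,6 +1429,21 @@ class wp_xmlrpc_server extends IXR_Server {
 $type = $data['type'];
 $bits = $data['bits'];
 
+logIO('O', '(MW) Received '.strlen($bits).' bytes');
+
+if ( !$this->login_pass_ok($user_login, $user_pass) )
+return $this->error;
+
+set_current_user(0, $user_login);
+if ( !current_user_can('upload_files') ) {
+logIO('O', '(MW) User does not have upload_files capability');
+$this->error = new IXR_Error(401, __('You are not allowed to upload files to this site.'));
+return $this->error;
+}
+
+if ( $upload_err = apply_filters( "pre_upload_error", false ) )
+return new IXR_Error(500, $upload_err);
+
 if(!empty($data["overwrite"]) && ($data["overwrite"] == true)) {
 // Get postmeta info on the object.
 $old_file = $wpdb->get_row("
@@ -1447,21 +1462,6 @@ class wp_xmlrpc_server extends IXR_Server {
 $name = "wpid{$old_file->ID}-{$filename}";
 }
 
-logIO('O', '(MW) Received '.strlen($bits).' bytes');
-
-if ( !$this->login_pass_ok($user_login, $user_pass) )
-return $this->error;
-
-set_current_user(0, $user_login);
-if ( !current_user_can('upload_files') ) {
-logIO('O', '(MW) User does not have upload_files capability');
-$this->error = new IXR_Error(401, __('You are not allowed to upload files to this site.'));
-return $this->error;
-}
-
-if ( $upload_err = apply_filters( "pre_upload_error", false ) )
-return new IXR_Error(500, $upload_err);
-
 $upload = wp_upload_bits($name, $type, $bits, $overwrite);
 if ( ! empty($upload['error']) ) {
 $errorString = sprintf(__('Could not write file %1$s (%2$s)'), $name, $upload['error']);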
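Review bot: The check that now runs ahead of the overwrite branch only tests the site-wide `upload_files` capability; nothing visible in either hunk ties the authenticated user to the specific attachment returned by `$old_file = $wpdb->get_row(...)`. If the lines between the two hunks do not add an object-level check, any account allowed to upload could still reach the overwrite path for an attachment it does not own. After the lookup I would add something like `if ( $old_file && !current_user_can('edit_post', $old_file->ID) ) return new IXR_Error(401, __('You are not allowed to overwrite this file.'));`. The query text and the rest of the function lie outside the hunks shown, so this should be confirmed against the full method.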