diff options
Diffstat (limited to 'wp-admin/async-upload.php')
-rw-r--r-- | wp-admin/async-upload.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/wp-admin/async-upload.php b/wp-admin/async-upload.php index 1a37dce..c1c0f0d 100644 --- a/wp-admin/async-upload.php +++ b/wp-admin/async-upload.php @@ -15,7 +15,7 @@ if ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) ) unset($current_user); require_once('admin.php'); -header('Content-Type: text/plain'); +header('Content-Type: text/plain; charset=' . get_option('blog_charset')); if ( !current_user_can('upload_files') ) wp_die(__('You do not have permission to upload files.')); @@ -26,6 +26,8 @@ if ( ($id = intval($_REQUEST['attachment_id'])) && $_REQUEST['fetch'] ) { exit; } +check_admin_referer('media-form'); + $id = media_handle_upload('async-upload', $_REQUEST['post_id']); if (is_wp_error($id)) { echo '<div id="media-upload-error">'.wp_specialchars($id->get_error_message()).'</div>'; |