From 9d42ec4ee5db0437e9ad14b793f044fa0f5de8fe Mon Sep 17 00:00:00 2001 From: donncha Date: Wed, 7 Jun 2006 14:28:14 +0000 Subject: WP Merge and new features git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@550 7be80a69-a1ef-0310-a953-fb0f7c49ff36 --- wp-inst/wp-admin/inline-uploading.php | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) (limited to 'wp-inst/wp-admin/inline-uploading.php') diff --git a/wp-inst/wp-admin/inline-uploading.php b/wp-inst/wp-admin/inline-uploading.php index 1e3b812..601f530 100644 --- a/wp-inst/wp-admin/inline-uploading.php +++ b/wp-inst/wp-admin/inline-uploading.php @@ -34,16 +34,20 @@ break; case 'delete': +check_admin_referer('inlineuploading'); + if ( !current_user_can('edit_post', (int) $attachment) ) die(__('You are not allowed to delete this attachment.').' ".__('Go back').''); wp_delete_attachment($attachment); -header("Location: ".basename(__FILE__)."?post=$post&all=$all&action=view&start=$start"); +header("Location: " . basename(__FILE__) ."?post=$post&all=$all&action=view&start=$start"); die; case 'save': +check_admin_referer('inlineuploading'); + $overrides = array('action'=>'save'); $file = wp_handle_upload($_FILES['image'], $overrides); @@ -101,7 +105,7 @@ if ( preg_match('!^image/!', $attachment['post_mime_type']) ) { add_post_meta($id, '_wp_attachment_metadata', array()); } -header("Location: ".basename(__FILE__)."?post=$post&all=$all&action=view&start=0"); +header("Location: " . basename(__FILE__) . "?post=$post&all=$all&action=view&start=0"); die(); case 'upload': @@ -140,7 +144,7 @@ if ( '' == $sort ) $attachments = $wpdb->get_results("SELECT ID, post_date, post_title, post_mime_type, guid FROM $wpdb->posts WHERE post_type = 'attachment' $and_type $and_post $and_user ORDER BY $sort LIMIT $start, $double", ARRAY_A); if ( count($attachments) == 0 ) { - header("Location: ".basename(__FILE__)."?post=$post&action=upload"); + header("Location: " . basename(__FILE__) ."?post=$post&action=upload" ); die; } elseif ( count($attachments) > $num ) { $next = $start + count($attachments) - $num; @@ -214,7 +218,7 @@ var icon = new Array(); "; $send_delete_cancel = "$__send_to_editor -$__delete +$__delete $__close "; $uwidth_sum += 128; @@ -642,25 +646,25 @@ th {