WordPress.org

Make WordPress Core

Ticket #22572: 22572.2.diff

File 22572.2.diff, 2.2 KB (added by nacin, 2 years ago)
  • wp-admin/media-new.php

     
    1717 
    1818wp_enqueue_script('plupload-handlers'); 
    1919 
    20 unset( $_REQUEST['post_id'] ); 
     20$post_id = 0; 
     21if ( isset( $_REQUEST['post_id'] ) ) { 
     22        $post_id = absint( $_REQUEST['post_id'] ); 
     23        if ( ! get_post( $post_id ) || ! current_user_can( 'edit_post', $post_id ) ) 
     24                $post_id = 0; 
     25} 
    2126 
    2227if ( $_POST ) { 
    2328        $location = 'upload.php'; 
    2429        if ( isset($_POST['html-upload']) && !empty($_FILES) ) { 
    2530                check_admin_referer('media-form'); 
    2631                // Upload File button was clicked 
    27                 $id = media_handle_upload('async-upload', $_REQUEST['post_id']); 
     32                $id = media_handle_upload( 'async-upload', $post_id ); 
    2833                if ( is_wp_error( $id ) ) 
    2934                        $location .= '?message=3'; 
    3035        } 
     
    6873        <?php media_upload_form(); ?> 
    6974 
    7075        <script type="text/javascript"> 
    71         var post_id = 0, shortform = 3; 
     76        var post_id = <?php echo $post_id; ?>, shortform = 3; 
    7277        </script> 
    73         <input type="hidden" name="post_id" id="post_id" value="0" /> 
     78        <input type="hidden" name="post_id" id="post_id" value="<?php echo $post_id; ?>" /> 
    7479        <?php wp_nonce_field('media-form'); ?> 
    7580        <div id="media-items" class="hide-if-no-js"></div> 
    7681        </form> 
  • wp-admin/includes/media.php

     
    21662166 * @since 2.6.0 
    21672167 */ 
    21682168function media_upload_flash_bypass() { 
     2169        $browser_uploader = admin_url( 'media-new.php?browser-uploader' ); 
     2170 
     2171        if ( $post = get_post() ) 
     2172                $browser_uploader .= '&amp;post_id=' . intval( $post->ID ); 
     2173        elseif ( ! empty( $GLOBALS['post_ID'] ) ) 
     2174                $browser_uploader .= '&amp;post_id=' . intval( $GLOBALS['post_ID'] ); 
     2175 
    21692176        ?> 
    21702177        <p class="upload-flash-bypass"> 
    2171         <?php printf( __( 'You are using the multi-file uploader. Problems? Try the <a href="%1$s" target="%2$s">browser uploader</a> instead.' ), admin_url( 'media-new.php?browser-uploader' ), '_blank' ); ?> 
     2178        <?php printf( __( 'You are using the multi-file uploader. Problems? Try the <a href="%1$s" target="%2$s">browser uploader</a> instead.' ), $browser_uploader, '_blank' ); ?> 
    21722179        </p> 
    21732180        <?php 
    21742181}