Ticket #31037: 31037.diff
File 31037.diff, 6.1 KB (added by , 10 years ago) |
---|
-
src/wp-admin/includes/ajax-actions.php
1838 1838 $wp_customize->widgets->wp_ajax_update_widget(); 1839 1839 } 1840 1840 1841 1841 /** 1842 1842 * Ajax handler for uploading attachments 1843 1843 * 1844 1844 * @since 3.3.0 1845 1845 */ 1846 1846 function wp_ajax_upload_attachment() { 1847 1847 check_ajax_referer( 'media-form' ); 1848 1848 1849 1849 if ( ! current_user_can( 'upload_files' ) ) { 1850 1850 wp_send_json_error( array( 1851 1851 'message' => __( "You don't have permission to upload files." ), 1852 1852 'filename' => $_FILES['async-upload']['name'], 1853 ) );1853 ), 'text/html' ); 1854 1854 } 1855 1855 1856 1856 if ( isset( $_REQUEST['post_id'] ) ) { 1857 1857 $post_id = $_REQUEST['post_id']; 1858 1858 if ( ! current_user_can( 'edit_post', $post_id ) ) { 1859 1859 wp_send_json_error( array( 1860 1860 'message' => __( "You don't have permission to attach files to this post." ), 1861 1861 'filename' => $_FILES['async-upload']['name'], 1862 ) );1862 ), 'text/html' ); 1863 1863 } 1864 1864 } else { 1865 1865 $post_id = null; 1866 1866 } 1867 1867 1868 1868 $post_data = isset( $_REQUEST['post_data'] ) ? $_REQUEST['post_data'] : array(); 1869 1869 1870 1870 // If the context is custom header or background, make sure the uploaded file is an image. 1871 1871 if ( isset( $post_data['context'] ) && in_array( $post_data['context'], array( 'custom-header', 'custom-background' ) ) ) { 1872 1872 $wp_filetype = wp_check_filetype_and_ext( $_FILES['async-upload']['tmp_name'], $_FILES['async-upload']['name'] ); 1873 1873 if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) { 1874 1874 wp_send_json_error( array( 1875 1875 'message' => __( 'The uploaded file is not a valid image. Please try again.' ), 1876 1876 'filename' => $_FILES['async-upload']['name'], 1877 ) );1877 ), 'text/html' ); 1878 1878 } 1879 1879 } 1880 1880 1881 1881 $attachment_id = media_handle_upload( 'async-upload', $post_id, $post_data ); 1882 1882 1883 1883 if ( is_wp_error( $attachment_id ) ) { 1884 1884 wp_send_json_error( array( 1885 1885 'message' => $attachment_id->get_error_message(), 1886 1886 'filename' => $_FILES['async-upload']['name'], 1887 ) );1887 ), 'text/html' ); 1888 1888 } 1889 1889 1890 1890 if ( isset( $post_data['context'] ) && isset( $post_data['theme'] ) ) { 1891 1891 if ( 'custom-background' === $post_data['context'] ) 1892 1892 update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', $post_data['theme'] ); 1893 1893 1894 1894 if ( 'custom-header' === $post_data['context'] ) 1895 1895 update_post_meta( $attachment_id, '_wp_attachment_is_custom_header', $post_data['theme'] ); 1896 1896 } 1897 1897 1898 1898 if ( ! $attachment = wp_prepare_attachment_for_js( $attachment_id ) ) 1899 1899 wp_die(); 1900 1900 1901 wp_send_json_success( $attachment );1901 wp_send_json_success( $attachment, 'text/html' ); 1902 1902 } 1903 1903 1904 1904 /** 1905 1905 * Ajax handler for image editing. 1906 1906 * 1907 1907 * @since 3.1.0 1908 1908 */ 1909 1909 function wp_ajax_image_editor() { 1910 1910 $attachment_id = intval($_POST['postid']); 1911 1911 if ( empty($attachment_id) || !current_user_can('edit_post', $attachment_id) ) 1912 1912 wp_die( -1 ); 1913 1913 1914 1914 check_ajax_referer( "image_editor-$attachment_id" ); 1915 1915 include_once( ABSPATH . 'wp-admin/includes/image-edit.php' ); 1916 1916 -
src/wp-includes/functions.php
2769 2769 } else { 2770 2770 return mb_convert_encoding( $string, 'UTF-8', 'UTF-8' ); 2771 2771 } 2772 2772 } else { 2773 2773 return wp_check_invalid_utf8( $string, true ); 2774 2774 } 2775 2775 } 2776 2776 2777 2777 /** 2778 2778 * Send a JSON response back to an Ajax request. 2779 2779 * 2780 2780 * @since 3.5.0 2781 2781 * 2782 2782 * @param mixed $response Variable (usually an array or object) to encode as JSON, 2783 2783 * then print and die. 2784 * @param string $content_type Content-Type to return the JSON as. 2784 2785 */ 2785 function wp_send_json( $response ) { 2786 @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) ); 2786 function wp_send_json( $response, $content_type = null ) { 2787 if ( ! $content_type ) { 2788 $content_type = 'application/json'; 2789 } 2790 @header( 'Content-Type: ' . $content_type . '; charset=' . get_option( 'blog_charset' ) ); 2791 2787 2792 echo wp_json_encode( $response ); 2793 2788 2794 if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) 2789 2795 wp_die(); 2790 2796 else 2791 2797 die; 2792 2798 } 2793 2799 2794 2800 /** 2795 2801 * Send a JSON response back to an Ajax request, indicating success. 2796 2802 * 2797 2803 * @since 3.5.0 2798 2804 * 2799 2805 * @param mixed $data Data to encode as JSON, then print and die. 2806 * @param string $content_type Content-Type to return the JSON as. 2800 2807 */ 2801 function wp_send_json_success( $data = null ) {2808 function wp_send_json_success( $data = null, $content_type = null ) { 2802 2809 $response = array( 'success' => true ); 2803 2810 2804 2811 if ( isset( $data ) ) 2805 2812 $response['data'] = $data; 2806 2813 2807 wp_send_json( $response );2814 wp_send_json( $response, $content_type ); 2808 2815 } 2809 2816 2810 2817 /** 2811 2818 * Send a JSON response back to an Ajax request, indicating failure. 2812 2819 * 2813 2820 * If the `$data` parameter is a {@see WP_Error} object, the errors 2814 2821 * within the object are processed and output as an array of error 2815 2822 * codes and corresponding messages. All other types are output 2816 2823 * without further processing. 2817 2824 * 2818 2825 * @since 3.5.0 2819 2826 * @since 4.1.0 The `$data` parameter is now processed if a {@see WP_Error} 2820 2827 * object is passed in. 2821 2828 * 2822 2829 * @param mixed $data Data to encode as JSON, then print and die. 2830 * @param string $content_type Content-Type to return the JSON as. 2823 2831 */ 2824 function wp_send_json_error( $data = null ) {2832 function wp_send_json_error( $data = null, $content_type = null ) { 2825 2833 $response = array( 'success' => false ); 2826 2834 2827 2835 if ( isset( $data ) ) { 2828 2836 if ( is_wp_error( $data ) ) { 2829 2837 $result = array(); 2830 2838 foreach ( $data->errors as $code => $messages ) { 2831 2839 foreach ( $messages as $message ) { 2832 2840 $result[] = array( 'code' => $code, 'message' => $message ); 2833 2841 } 2834 2842 } 2835 2843 2836 2844 $response['data'] = $result; 2837 2845 } else { 2838 2846 $response['data'] = $data; 2839 2847 } 2840 2848 } 2841 2849 2842 wp_send_json( $response );2850 wp_send_json( $response, $content_type ); 2843 2851 } 2844 2852 2845 2853 /** 2846 2854 * Retrieve the WordPress home page URL. 2847 2855 * 2848 2856 * If the constant named 'WP_HOME' exists, then it will be used and returned 2849 2857 * by the function. This can be used to counter the redirection on your local 2850 2858 * development environment. 2851 2859 * 2852 2860 * @since 2.2.0 2853 2861 * @access private 2854 2862 * 2855 2863 * @see WP_HOME 2856 2864 * 2857 2865 * @param string $url URL for the home location.