From 58fd637d91b3ea3a625deec257bc9ce33f068cef Mon Sep 17 00:00:00 2001
From: Paul Biron <paul@sparrowhawkcomputing.com>
Date: Fri, 13 Jul 2018 09:39:17 -0600
Subject: [PATCH] report "Succeeded" for users without 'edit_posts' capability
---
wp-admin/async-upload.php | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/wp-admin/async-upload.php b/wp-admin/async-upload.php
index cf4670b..d5db842 100644
|
a
|
b
|
if ( isset( $_REQUEST['attachment_id'] ) && ( $id = intval( $_REQUEST['attachmen |
| 44 | 44 | if ( 'attachment' != $post->post_type ) { |
| 45 | 45 | wp_die( __( 'Invalid post type.' ) ); |
| 46 | 46 | } |
| 47 | | if ( ! current_user_can( 'edit_post', $id ) ) { |
| 48 | | wp_die( __( 'Sorry, you are not allowed to edit this item.' ) ); |
| 49 | | } |
| 50 | 47 | |
| 51 | 48 | switch ( $_REQUEST['fetch'] ) { |
| 52 | 49 | case 3: |
| 53 | 50 | if ( $thumb_url = wp_get_attachment_image_src( $id, 'thumbnail', true ) ) { |
| 54 | 51 | echo '<img class="pinkynail" src="' . esc_url( $thumb_url[0] ) . '" alt="" />'; |
| 55 | 52 | } |
| 56 | | echo '<a class="edit-attachment" href="' . esc_url( get_edit_post_link( $id ) ) . '" target="_blank">' . _x( 'Edit', 'media item' ) . '</a>'; |
| | 53 | if ( current_user_can( 'edit_post', $id ) ) { |
| | 54 | echo '<a class="edit-attachment" href="' . esc_url( get_edit_post_link( $id ) ) . '" target="_blank">' . _x( 'Edit', 'media item' ) . '</a>'; |
| | 55 | } |
| | 56 | else { |
| | 57 | echo '<span class="edit-attachment">' . _x( 'Success', 'media item' ) . '</span>'; |
| | 58 | } |
| 57 | 59 | |
| 58 | 60 | // Title shouldn't ever be empty, but use filename just in case. |
| 59 | 61 | $file = get_attached_file( $post->ID ); |