Changeset 22869
- Timestamp:
- 11/27/2012 03:50:59 PM (12 years ago)
- Location:
- trunk
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/includes/ajax-actions.php
r22847 r22869 1844 1844 wp_send_json_error(); 1845 1845 1846 check_ajax_referer( ' save-attachment', 'nonce' );1846 check_ajax_referer( 'update-post_' . $id, 'nonce' ); 1847 1847 1848 1848 if ( ! current_user_can( 'edit_post', $id ) ) … … 1890 1890 $attachment_data = $_REQUEST['attachments'][ $id ]; 1891 1891 1892 check_ajax_referer( ' save-attachment', 'nonce' );1892 check_ajax_referer( 'update-post_' . $id, 'nonce' ); 1893 1893 1894 1894 if ( ! current_user_can( 'edit_post', $id ) ) -
trunk/wp-includes/css/media-views.css
r22866 r22869 1192 1192 } 1193 1193 1194 .attachment-info .delete-attachment a { 1195 color: red; 1196 padding: 2px 4px; 1197 margin: -2px -4px; 1198 text-decoration: none; 1199 } 1200 1201 .attachment-info .delete-attachment a:hover { 1202 color: #fff; 1203 background: red; 1204 } 1205 1194 1206 /** 1195 1207 * Attachment Display Settings -
trunk/wp-includes/js/media-models.js
r22865 r22869 219 219 Attachment = media.model.Attachment = Backbone.Model.extend({ 220 220 sync: function( method, model, options ) { 221 // If the attachment does not yet have an `id`, return an instantly 222 // rejected promise. Otherwise, all of our requests will fail. 223 if ( _.isUndefined( this.id ) ) 224 return $.Deferred().reject().promise(); 225 221 226 // Overload the `read` request so Attachment.fetch() functions correctly. 222 227 if ( 'read' === method ) { … … 238 243 action: 'save-attachment', 239 244 id: this.id, 240 nonce: media.model.settings.saveAttachmentNonce,245 nonce: this.get('nonces').update, 241 246 post_id: media.model.settings.postId 242 247 }); … … 253 258 254 259 return media.ajax( options ); 260 261 // Overload the `delete` request so attachments can be removed. 262 // This will permanently delete an attachment. 263 } else if ( 'delete' === method ) { 264 options = options || {}; 265 options.context = this; 266 options.data = _.extend( options.data || {}, { 267 action: 'delete-post', 268 id: this.id, 269 _wpnonce: this.get('nonces')['delete'] 270 }); 271 return media.ajax( options ); 255 272 } 256 273 }, … … 271 288 return media.post( 'save-attachment-compat', _.defaults({ 272 289 id: this.id, 273 nonce: media.model.settings.saveAttachmentNonce,290 nonce: this.get('nonces').update, 274 291 post_id: media.model.settings.postId 275 292 }, data ) ).done( function( resp, status, xhr ) { -
trunk/wp-includes/js/media-views.js
r22868 r22869 3407 3407 'change [data-setting] input': 'updateSetting', 3408 3408 'change [data-setting] select': 'updateSetting', 3409 'change [data-setting] textarea': 'updateSetting' 3409 'change [data-setting] textarea': 'updateSetting', 3410 'click .delete-attachment': 'deleteAttachment' 3411 }, 3412 3413 deleteAttachment: function(event) { 3414 event.preventDefault(); 3415 3416 if ( confirm( l10n.warnDelete ) ) 3417 this.model.destroy(); 3410 3418 } 3411 3419 }); -
trunk/wp-includes/media.php
r22868 r22869 1328 1328 'icon' => wp_mime_type_icon( $attachment->ID ), 1329 1329 'dateFormatted' => mysql2date( get_option('date_format'), $attachment->post_date ), 1330 'nonces' => array( 1331 'update' => wp_create_nonce( 'update-post_' . $attachment->ID ), 1332 'delete' => wp_create_nonce( 'delete-post_' . $attachment->ID ), 1333 ), 1330 1334 ); 1331 1335 … … 1453 1457 'insertIntoPost' => $hier ? __( 'Insert into page' ) : __( 'Insert into post' ), 1454 1458 'uploadedToThisPost' => $hier ? __( 'Uploaded to this page' ) : __( 'Uploaded to this post' ), 1459 'warnDelete' => __( "You are about to permanently delete this item.\n 'Cancel' to stop, 'OK' to delete." ), 1455 1460 1456 1461 // From URL … … 1641 1646 <# if ( 'image' === data.type && ! data.uploading ) { #> 1642 1647 <div class="dimensions">{{ data.width }} × {{ data.height }}</div> 1648 <# } #> 1649 <# if ( ! data.uploading ) { #> 1650 <div class="delete-attachment"> 1651 <a href="#"><?php _e( 'Delete Permanently' ); ?></a> 1652 </div> 1643 1653 <# } #> 1644 1654 </div> -
trunk/wp-includes/script-loader.php
r22865 r22869 323 323 did_action( 'init' ) && $scripts->localize( 'media-models', '_wpMediaModelsL10n', array( 324 324 'settings' => array( 325 'saveAttachmentNonce' => wp_create_nonce( 'save-attachment' ),326 325 'ajaxurl' => admin_url( 'admin-ajax.php', 'relative' ), 327 326 'postId' => 0,
Note: See TracChangeset
for help on using the changeset viewer.