WordPress.org

Make WordPress Core

Changeset 22902


Ignore:
Timestamp:
11/28/12 20:17:57 (3 years ago)
Author:
ryan
Message:

Route uploads through async-upload.php instead of admin-ajax.php.

Props nacin, koopersmith
fixes #22622

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/async-upload.php

    r22755 r22902  
    1414    require_once('../wp-load.php'); 
    1515 
    16 // Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead 
    17 if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) ) 
    18     $_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie']; 
    19 elseif ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) ) 
    20     $_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie']; 
    21 if ( empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie']) ) 
    22     $_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie']; 
    23 unset($current_user); 
     16if ( ! ( isset( $_REQUEST['action'] ) && 'upload-attachment' == $_REQUEST['action'] ) ) { 
     17    // Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead 
     18    if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) ) 
     19        $_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie']; 
     20    elseif ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) ) 
     21        $_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie']; 
     22    if ( empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie']) ) 
     23        $_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie']; 
     24    unset($current_user); 
     25} 
     26 
    2427require_once('./admin.php'); 
     28 
     29if ( !current_user_can('upload_files') ) 
     30    wp_die(__('You do not have permission to upload files.')); 
    2531 
    2632header('Content-Type: text/html; charset=' . get_option('blog_charset')); 
    2733 
    28 if ( !current_user_can('upload_files') ) 
    29     wp_die(__('You do not have permission to upload files.')); 
     34if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) { 
     35    define( 'DOING_AJAX', true ); 
     36    include ABSPATH . 'wp-admin/includes/ajax-actions.php'; 
     37 
     38    send_nosniff_header(); 
     39    nocache_headers(); 
     40 
     41    wp_ajax_upload_attachment(); 
     42    die( '0' ); 
     43} 
    3044 
    3145// just fetch the detail form for that attachment 
  • trunk/wp-includes/media.php

    r22895 r22902  
    12471247        'multiple_queues'     => true, 
    12481248        'max_file_size'       => $max_upload_size . 'b', 
    1249         'url'                 => admin_url( 'admin-ajax.php', 'relative' ), 
     1249        'url'                 => admin_url( 'async-upload.php', 'relative' ), 
    12501250        'flash_swf_url'       => includes_url( 'js/plupload/plupload.flash.swf' ), 
    12511251        'silverlight_xap_url' => includes_url( 'js/plupload/plupload.silverlight.xap' ), 
Note: See TracChangeset for help on using the changeset viewer.