Make WordPress Core

Changeset 31430


Ignore:
Timestamp:
02/12/2015 01:32:26 AM (9 years ago)
Author:
dd32
Message:

Prevent IE9 and lower displaying the download file dialogue when attempting
to upload using the html4 Plupload handler.

The HTML4 Plupload handler uses a hidden iframe to POST the upload form, and
unfortunately Internet Explorer 9 doesn't support the application/json
content-type which wp_send_json_success() and requires text/html instead.

This partially reverts [30354], keeping the better error messages.

Merges [31429] to the 4.1 branch.
Fixes #31037.

Location:
branches/4.1
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • branches/4.1

  • branches/4.1/src/wp-admin/async-upload.php

    r30649 r31430  
    3333require_once( ABSPATH . 'wp-admin/admin.php' );
    3434
     35header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
     36
    3537if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) {
    3638    include( ABSPATH . 'wp-admin/includes/ajax-actions.php' );
     
    4648    wp_die( __( 'You do not have permission to upload files.' ) );
    4749}
    48 
    49 header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
    5050
    5151// just fetch the detail form for that attachment
  • branches/4.1/src/wp-admin/includes/ajax-actions.php

    r30895 r31430  
    18331833function wp_ajax_upload_attachment() {
    18341834    check_ajax_referer( 'media-form' );
     1835    /*
     1836     * This function does not use wp_send_json_success() / wp_send_json_error()
     1837     * as the html4 Plupload handler requires a text/html content-type for older IE.
     1838     * See https://core.trac.wordpress.org/ticket/31037
     1839     */
    18351840
    18361841    if ( ! current_user_can( 'upload_files' ) ) {
    1837         wp_send_json_error( array(
    1838             'message'  => __( "You don't have permission to upload files." ),
    1839             'filename' => $_FILES['async-upload']['name'],
     1842        echo wp_json_encode( array(
     1843            'success' => false,
     1844            'data'    => array(
     1845                'message'  => __( "You don't have permission to upload files." ),
     1846                'filename' => $_FILES['async-upload']['name'],
     1847            )
    18401848        ) );
     1849
     1850        wp_die();
    18411851    }
    18421852
     
    18441854        $post_id = $_REQUEST['post_id'];
    18451855        if ( ! current_user_can( 'edit_post', $post_id ) ) {
    1846             wp_send_json_error( array(
    1847                 'message'  => __( "You don't have permission to attach files to this post." ),
    1848                 'filename' => $_FILES['async-upload']['name'],
     1856            echo wp_json_encode( array(
     1857                'success' => false,
     1858                'data'    => array(
     1859                    'message'  => __( "You don't have permission to attach files to this post." ),
     1860                    'filename' => $_FILES['async-upload']['name'],
     1861                )
    18491862            ) );
     1863
     1864            wp_die();
    18501865        }
    18511866    } else {
     
    18591874        $wp_filetype = wp_check_filetype_and_ext( $_FILES['async-upload']['tmp_name'], $_FILES['async-upload']['name'], false );
    18601875        if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) {
    1861             wp_send_json_error( array(
    1862                 'message'  => __( 'The uploaded file is not a valid image. Please try again.' ),
     1876            echo wp_json_encode( array(
     1877                'success' => false,
     1878                'data'    => array(
     1879                    'message'  => __( 'The uploaded file is not a valid image. Please try again.' ),
     1880                    'filename' => $_FILES['async-upload']['name'],
     1881                )
     1882            ) );
     1883
     1884            wp_die();
     1885        }
     1886    }
     1887
     1888    $attachment_id = media_handle_upload( 'async-upload', $post_id, $post_data );
     1889
     1890    if ( is_wp_error( $attachment_id ) ) {
     1891        echo wp_json_encode( array(
     1892            'success' => false,
     1893            'data'    => array(
     1894                'message'  => $attachment_id->get_error_message(),
    18631895                'filename' => $_FILES['async-upload']['name'],
    1864             ) );
    1865         }
    1866     }
    1867 
    1868     $attachment_id = media_handle_upload( 'async-upload', $post_id, $post_data );
    1869 
    1870     if ( is_wp_error( $attachment_id ) ) {
    1871         wp_send_json_error( array(
    1872             'message'  => $attachment_id->get_error_message(),
    1873             'filename' => $_FILES['async-upload']['name'],
     1896            )
    18741897        ) );
     1898
     1899        wp_die();
    18751900    }
    18761901
     
    18861911        wp_die();
    18871912
    1888     wp_send_json_success( $attachment );
     1913    echo wp_json_encode( array(
     1914        'success' => true,
     1915        'data'    => $attachment,
     1916    ) );
     1917
     1918    wp_die();
    18891919}
    18901920
Note: See TracChangeset for help on using the changeset viewer.