Changeset 55365 for trunk/src/wp-admin/includes/ajax-actions.php
- Timestamp:
- 02/19/2023 03:03:50 PM (2 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/includes/ajax-actions.php
r55258 r55365 2035 2035 } 2036 2036 2037 $post_ ID= (int) $_POST['post_ID'];2037 $post_id = (int) $_POST['post_ID']; 2038 2038 2039 2039 if ( 'page' === $_POST['post_type'] ) { 2040 if ( ! current_user_can( 'edit_page', $post_ ID) ) {2040 if ( ! current_user_can( 'edit_page', $post_id ) ) { 2041 2041 wp_die( __( 'Sorry, you are not allowed to edit this page.' ) ); 2042 2042 } 2043 2043 } else { 2044 if ( ! current_user_can( 'edit_post', $post_ ID) ) {2044 if ( ! current_user_can( 'edit_post', $post_id ) ) { 2045 2045 wp_die( __( 'Sorry, you are not allowed to edit this post.' ) ); 2046 2046 } 2047 2047 } 2048 2048 2049 $last = wp_check_post_lock( $post_ ID);2049 $last = wp_check_post_lock( $post_id ); 2050 2050 if ( $last ) { 2051 2051 $last_user = get_userdata( $last ); … … 2066 2066 $data = &$_POST; 2067 2067 2068 $post = get_post( $post_ ID, ARRAY_A );2068 $post = get_post( $post_id, ARRAY_A ); 2069 2069 2070 2070 // Since it's coming from the database. … … 2700 2700 $json = ! empty( $_REQUEST['json'] ); // New-style request. 2701 2701 2702 $post_ ID= (int) $_POST['post_id'];2703 if ( ! current_user_can( 'edit_post', $post_ ID) ) {2702 $post_id = (int) $_POST['post_id']; 2703 if ( ! current_user_can( 'edit_post', $post_id ) ) { 2704 2704 wp_die( -1 ); 2705 2705 } … … 2708 2708 2709 2709 if ( $json ) { 2710 check_ajax_referer( "update-post_$post_ ID" );2710 check_ajax_referer( "update-post_$post_id" ); 2711 2711 } else { 2712 check_ajax_referer( "set_post_thumbnail-$post_ ID" );2712 check_ajax_referer( "set_post_thumbnail-$post_id" ); 2713 2713 } 2714 2714 2715 2715 if ( '-1' == $thumbnail_id ) { 2716 if ( delete_post_thumbnail( $post_ ID) ) {2717 $return = _wp_post_thumbnail_html( null, $post_ ID);2716 if ( delete_post_thumbnail( $post_id ) ) { 2717 $return = _wp_post_thumbnail_html( null, $post_id ); 2718 2718 $json ? wp_send_json_success( $return ) : wp_die( $return ); 2719 2719 } else { … … 2722 2722 } 2723 2723 2724 if ( set_post_thumbnail( $post_ ID, $thumbnail_id ) ) {2725 $return = _wp_post_thumbnail_html( $thumbnail_id, $post_ ID);2724 if ( set_post_thumbnail( $post_id, $thumbnail_id ) ) { 2725 $return = _wp_post_thumbnail_html( $thumbnail_id, $post_id ); 2726 2726 $json ? wp_send_json_success( $return ) : wp_die( $return ); 2727 2727 } … … 2736 2736 */ 2737 2737 function wp_ajax_get_post_thumbnail_html() { 2738 $post_ ID= (int) $_POST['post_id'];2739 2740 check_ajax_referer( "update-post_$post_ ID" );2741 2742 if ( ! current_user_can( 'edit_post', $post_ ID) ) {2738 $post_id = (int) $_POST['post_id']; 2739 2740 check_ajax_referer( "update-post_$post_id" ); 2741 2742 if ( ! current_user_can( 'edit_post', $post_id ) ) { 2743 2743 wp_die( -1 ); 2744 2744 } … … 2751 2751 } 2752 2752 2753 $return = _wp_post_thumbnail_html( $thumbnail_id, $post_ ID);2753 $return = _wp_post_thumbnail_html( $thumbnail_id, $post_id ); 2754 2754 wp_send_json_success( $return ); 2755 2755 }
Note: See TracChangeset
for help on using the changeset viewer.