WordPress.org

Make WordPress Core

Changeset 5670


Ignore:
Timestamp:
06/08/2007 05:06:58 PM (15 years ago)
Author:
rob1n
Message:

Check the user before overwriting the attachment. Props xknown and Joseph Scott. fixes #4422

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/2.2/xmlrpc.php

    r5650 r5670  
    14381438        $bits = $data['bits'];
    14391439
     1440        logIO('O', '(MW) Received '.strlen($bits).' bytes');
     1441
     1442        if ( !$this->login_pass_ok($user_login, $user_pass) )
     1443            return $this->error;
     1444
     1445        set_current_user(0, $user_login);
     1446        if ( !current_user_can('upload_files') ) {
     1447            logIO('O', '(MW) User does not have upload_files capability');
     1448            $this->error = new IXR_Error(401, __('You are not allowed to upload files to this site.'));
     1449            return $this->error;
     1450        }
     1451
     1452        if ( $upload_err = apply_filters( "pre_upload_error", false ) )
     1453            return new IXR_Error(500, $upload_err);
     1454
    14401455        if(!empty($data["overwrite"]) && ($data["overwrite"] == true)) {
    14411456            // Get postmeta info on the object.
     
    14551470            $name = "wpid{$old_file->ID}-{$filename}";
    14561471        }
    1457 
    1458         logIO('O', '(MW) Received '.strlen($bits).' bytes');
    1459 
    1460         if ( !$this->login_pass_ok($user_login, $user_pass) )
    1461             return $this->error;
    1462 
    1463         set_current_user(0, $user_login);
    1464         if ( !current_user_can('upload_files') ) {
    1465             logIO('O', '(MW) User does not have upload_files capability');
    1466             $this->error = new IXR_Error(401, __('You are not allowed to upload files to this site.'));
    1467             return $this->error;
    1468         }
    1469 
    1470         if ( $upload_err = apply_filters( "pre_upload_error", false ) )
    1471             return new IXR_Error(500, $upload_err);
    14721472
    14731473        $upload = wp_upload_bits($name, $type, $bits, $overwrite);
Note: See TracChangeset for help on using the changeset viewer.