WordPress.org

Make WordPress Core

Changeset 5671


Ignore:
Timestamp:
06/08/2007 05:07:59 PM (11 years ago)
Author:
rob1n
Message:

Check the user before overwriting the attachment. Props xknown and Joseph Scott. fixes #4422

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/xmlrpc.php

    r5662 r5671  
    14301430        $bits = $data['bits'];
    14311431
     1432        logIO('O', '(MW) Received '.strlen($bits).' bytes');
     1433
     1434        if ( !$this->login_pass_ok($user_login, $user_pass) )
     1435            return $this->error;
     1436
     1437        set_current_user(0, $user_login);
     1438        if ( !current_user_can('upload_files') ) {
     1439            logIO('O', '(MW) User does not have upload_files capability');
     1440            $this->error = new IXR_Error(401, __('You are not allowed to upload files to this site.'));
     1441            return $this->error;
     1442        }
     1443
     1444        if ( $upload_err = apply_filters( "pre_upload_error", false ) )
     1445            return new IXR_Error(500, $upload_err);
     1446
    14321447        if(!empty($data["overwrite"]) && ($data["overwrite"] == true)) {
    14331448            // Get postmeta info on the object.
     
    14471462            $name = "wpid{$old_file->ID}-{$filename}";
    14481463        }
    1449 
    1450         logIO('O', '(MW) Received '.strlen($bits).' bytes');
    1451 
    1452         if ( !$this->login_pass_ok($user_login, $user_pass) )
    1453             return $this->error;
    1454 
    1455         set_current_user(0, $user_login);
    1456         if ( !current_user_can('upload_files') ) {
    1457             logIO('O', '(MW) User does not have upload_files capability');
    1458             $this->error = new IXR_Error(401, __('You are not allowed to upload files to this site.'));
    1459             return $this->error;
    1460         }
    1461 
    1462         if ( $upload_err = apply_filters( "pre_upload_error", false ) )
    1463             return new IXR_Error(500, $upload_err);
    14641464
    14651465        $upload = wp_upload_bits($name, $type, $bits, $overwrite);
Note: See TracChangeset for help on using the changeset viewer.