Changeset 56850 for branches/4.1/src/wp-admin/includes/ajax-actions.php
- Timestamp:
- 10/12/2023 02:21:47 PM (18 months ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.1/src/wp-admin/includes/ajax-actions.php
r55772 r56850 829 829 wp_die( 0 ); 830 830 } 831 831 832 832 if ( ! current_user_can( $tax->cap->assign_terms ) ) { 833 833 wp_die( -1 ); … … 2768 2768 } 2769 2769 2770 setup_postdata( $post ); 2771 $shortcode = do_shortcode( wp_unslash( $_POST['shortcode'] ) ); 2770 $shortcode = wp_unslash( $_POST['shortcode'] ); 2771 2772 // Only process previews for media related shortcodes: 2773 $found_shortcodes = get_shortcode_tags_in_content( $shortcode ); 2774 $media_shortcodes = array( 2775 'audio', 2776 'embed', 2777 'playlist', 2778 'video', 2779 'gallery', 2780 ); 2781 2782 $other_shortcodes = array_diff( $found_shortcodes, $media_shortcodes ); 2783 2784 if ( ! empty( $other_shortcodes ) ) { 2785 wp_send_json_error(); 2786 } 2787 2788 if ( ! empty( $_POST['post_ID'] ) ) { 2789 $post = get_post( (int) $_POST['post_ID'] ); 2790 } 2791 2792 // the embed shortcode requires a post 2793 if ( ! $post || ! current_user_can( 'edit_post', $post->ID ) ) { 2794 if ( in_array( 'embed', $found_shortcodes, true ) ) { 2795 wp_send_json_error(); 2796 } 2797 } else { 2798 setup_postdata( $post ); 2799 } 2772 2800 2773 2801 if ( empty( $shortcode ) ) { … … 2836 2864 } else { 2837 2865 $sessions->destroy_all(); 2838 /* translators: 1: User's display name. */ 2866 /* translators: 1: User's display name. */ 2839 2867 $message = sprintf( __( '%s has been logged out.' ), $user->display_name ); 2840 2868 }
Note: See TracChangeset
for help on using the changeset viewer.