sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check upload_files cap for inline uploader. Props David House and doit-cu. fixes #2302 

git-svn-id: https://develop.svn.wordpress.org/trunk@3456 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren 2006-01-18 19:16:31 +00:00
parent d06dfa3478
commit a6baed8b6c
3 changed files with 16 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
wp-admin/edit-form-advanced.php
View File

@ -218,11 +218,13 @@ else
<?php do_action('edit_form_advanced'); ?>
<?php
$uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
$uploading_iframe_src = "inline-uploading.php?action=view&amp;post=$uploading_iframe_ID";
$uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
if ( false != $uploading_iframe_src )
echo '<iframe id="uploading" border="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
if (current_user_can('upload_files')) {
$uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
$uploading_iframe_src = "inline-uploading.php?action=view&amp;post=$uploading_iframe_ID";
$uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
if ( false != $uploading_iframe_src )
echo '<iframe id="uploading" border="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
}
?>
<div id="advancedstuff" class="dbx-group" >

12
wp-admin/edit-page-form.php
View File

@ -184,11 +184,13 @@ else
<?php do_action('edit_page_form'); ?>
<?php
$uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
$uploading_iframe_src = "inline-uploading.php?action=view&amp;post=$uploading_iframe_ID";
$uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
if ( false != $uploading_iframe_src )
echo '<iframe id="uploading" border="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
if (current_user_can('upload_files')) {
$uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
$uploading_iframe_src = "inline-uploading.php?action=view&amp;post=$uploading_iframe_ID";
$uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
if ( false != $uploading_iframe_src )
echo '<iframe id="uploading" border="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
}
?>
<div id="advancedstuff" class="dbx-group">

4
wp-admin/inline-uploading.php
View File

@ -4,8 +4,8 @@ require_once('admin.php');
header('Content-Type: text/html; charset=' . get_option('blog_charset'));
if (!current_user_can('edit_posts'))
die(__('You do not have permission to edit posts.'));
if (!current_user_can('upload_files'))
die(__('You do not have permission to upload files.'));
$wpvarstoreset = array('action', 'post', 'all', 'last', 'link', 'sort', 'start', 'imgtitle', 'descr', 'attachment');