PageRenderTime 104ms CodeModel.GetById 50ms app.highlight 16ms RepoModel.GetById 34ms app.codeStats 0ms

/wp-admin/upload.php

https://bitbucket.org/julianelve/vendor-wordpress
PHP | 250 lines | 198 code | 44 blank | 8 comment | 38 complexity | eb044d1169fc19762b457e5fd08892ce MD5 | raw file
  1<?php
  2/**
  3 * Media Library administration panel.
  4 *
  5 * @package WordPress
  6 * @subpackage Administration
  7 */
  8
  9/** WordPress Administration Bootstrap */
 10require_once( './admin.php' );
 11
 12if ( !current_user_can('upload_files') )
 13	wp_die( __( 'You do not have permission to upload files.' ) );
 14
 15$wp_list_table = _get_list_table('WP_Media_List_Table');
 16$pagenum = $wp_list_table->get_pagenum();
 17
 18// Handle bulk actions
 19$doaction = $wp_list_table->current_action();
 20
 21if ( $doaction ) {
 22	check_admin_referer('bulk-media');
 23
 24	if ( 'delete_all' == $doaction ) {
 25		$post_ids = $wpdb->get_col( "SELECT ID FROM $wpdb->posts WHERE post_type='attachment' AND post_status = 'trash'" );
 26		$doaction = 'delete';
 27	} elseif ( isset( $_REQUEST['media'] ) ) {
 28		$post_ids = $_REQUEST['media'];
 29	} elseif ( isset( $_REQUEST['ids'] ) ) {
 30		$post_ids = explode( ',', $_REQUEST['ids'] );
 31	}
 32
 33	$location = 'upload.php';
 34	if ( $referer = wp_get_referer() ) {
 35		if ( false !== strpos( $referer, 'upload.php' ) )
 36			$location = remove_query_arg( array( 'trashed', 'untrashed', 'deleted', 'message', 'ids', 'posted' ), $referer );
 37	}
 38
 39	switch ( $doaction ) {
 40		case 'find_detached':
 41			if ( !current_user_can('edit_posts') )
 42				wp_die( __('You are not allowed to scan for lost attachments.') );
 43
 44			$lost = $wpdb->get_col( "
 45				SELECT ID FROM $wpdb->posts
 46				WHERE post_type = 'attachment' AND post_parent > '0'
 47				AND post_parent NOT IN (
 48					SELECT ID FROM $wpdb->posts
 49					WHERE post_type NOT IN ( 'attachment', '" . join( "', '", get_post_types( array( 'public' => false ) ) ) . "' )
 50				)
 51			" );
 52
 53			$_REQUEST['detached'] = 1;
 54			break;
 55		case 'attach':
 56			$parent_id = (int) $_REQUEST['found_post_id'];
 57			if ( !$parent_id )
 58				return;
 59
 60			$parent = get_post( $parent_id );
 61			if ( !current_user_can( 'edit_post', $parent_id ) )
 62				wp_die( __( 'You are not allowed to edit this post.' ) );
 63
 64			$attach = array();
 65			foreach ( (array) $_REQUEST['media'] as $att_id ) {
 66				$att_id = (int) $att_id;
 67
 68				if ( !current_user_can( 'edit_post', $att_id ) )
 69					continue;
 70
 71				$attach[] = $att_id;
 72			}
 73
 74			if ( ! empty( $attach ) ) {
 75				$attach_string = implode( ',', $attach );
 76				$attached = $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_parent = %d WHERE post_type = 'attachment' AND ID IN ( $attach_string )", $parent_id ) );
 77				foreach ( $attach as $att_id ) {
 78					clean_attachment_cache( $att_id );
 79				}
 80			}
 81
 82			if ( isset( $attached ) ) {
 83				$location = 'upload.php';
 84				if ( $referer = wp_get_referer() ) {
 85					if ( false !== strpos( $referer, 'upload.php' ) )
 86						$location = $referer;
 87				}
 88
 89				$location = add_query_arg( array( 'attached' => $attached ) , $location );
 90				wp_redirect( $location );
 91				exit;
 92			}
 93			break;
 94		case 'trash':
 95			if ( !isset( $post_ids ) )
 96				break;
 97			foreach ( (array) $post_ids as $post_id ) {
 98				if ( !current_user_can( 'delete_post', $post_id ) )
 99					wp_die( __( 'You are not allowed to move this post to the trash.' ) );
100
101				if ( !wp_trash_post( $post_id ) )
102					wp_die( __( 'Error in moving to trash...' ) );
103			}
104			$location = add_query_arg( array( 'trashed' => count( $post_ids ), 'ids' => join( ',', $post_ids ) ), $location );
105			break;
106		case 'untrash':
107			if ( !isset( $post_ids ) )
108				break;
109			foreach ( (array) $post_ids as $post_id ) {
110				if ( !current_user_can( 'delete_post', $post_id ) )
111					wp_die( __( 'You are not allowed to move this post out of the trash.' ) );
112
113				if ( !wp_untrash_post( $post_id ) )
114					wp_die( __( 'Error in restoring from trash...' ) );
115			}
116			$location = add_query_arg( 'untrashed', count( $post_ids ), $location );
117			break;
118		case 'delete':
119			if ( !isset( $post_ids ) )
120				break;
121			foreach ( (array) $post_ids as $post_id_del ) {
122				if ( !current_user_can( 'delete_post', $post_id_del ) )
123					wp_die( __( 'You are not allowed to delete this post.' ) );
124
125				if ( !wp_delete_attachment( $post_id_del ) )
126					wp_die( __( 'Error in deleting...' ) );
127			}
128			$location = add_query_arg( 'deleted', count( $post_ids ), $location );
129			break;
130	}
131
132	wp_redirect( $location );
133	exit;
134} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
135	 wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), stripslashes( $_SERVER['REQUEST_URI'] ) ) );
136	 exit;
137}
138
139$wp_list_table->prepare_items();
140
141$title = __('Media Library');
142$parent_file = 'upload.php';
143
144wp_enqueue_script( 'wp-ajax-response' );
145wp_enqueue_script( 'jquery-ui-draggable' );
146wp_enqueue_script( 'media' );
147
148add_screen_option( 'per_page', array('label' => _x( 'Media items', 'items per page (screen options)' )) );
149
150get_current_screen()->add_help_tab( array(
151'id'		=> 'overview',
152'title'		=> __('Overview'),
153'content'	=>
154	'<p>' . __( 'All the files you&#8217;ve uploaded are listed in the Media Library, with the most recent uploads listed first. You can use the Screen Options tab to customize the display of this screen.' ) . '</p>' .
155	'<p>' . __( 'You can narrow the list by file type/status using the text link filters at the top of the screen. You also can refine the list by date using the dropdown menu above the media table.' ) . '</p>'
156) );
157get_current_screen()->add_help_tab( array(
158'id'		=> 'actions-links',
159'title'		=> __('Available Actions'),
160'content'	=>
161	'<p>' . __( 'Hovering over a row reveals action links: Edit, Delete Permanently, and View. Clicking Edit or on the media file&#8217;s name displays a simple screen to edit that individual file&#8217;s metadata. Clicking Delete Permanently will delete the file from the media library (as well as from any posts to which it is currently attached). View will take you to the display page for that file.' ) . '</p>'
162) );
163get_current_screen()->add_help_tab( array(
164'id'		=> 'attaching-files',
165'title'		=> __('Attaching Files'),
166'content'	=>
167	'<p>' . __( 'If a media file has not been attached to any post, you will see that in the Attached To column, and can click on Attach File to launch a small popup that will allow you to search for a post and attach the file.' ) . '</p>'
168) );
169
170get_current_screen()->set_help_sidebar(
171	'<p><strong>' . __( 'For more information:' ) . '</strong></p>' .
172	'<p>' . __( '<a href="http://codex.wordpress.org/Media_Library_Screen" target="_blank">Documentation on Media Library</a>' ) . '</p>' .
173	'<p>' . __( '<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>' ) . '</p>'
174);
175
176require_once('./admin-header.php');
177?>
178
179<div class="wrap">
180<?php screen_icon(); ?>
181<h2>
182<?php
183echo esc_html( $title );
184if ( current_user_can( 'upload_files' ) ) { ?>
185	<a href="media-new.php" class="add-new-h2"><?php echo esc_html_x('Add New', 'file'); ?></a><?php
186}
187if ( ! empty( $_REQUEST['s'] ) )
188	printf( '<span class="subtitle">' . __('Search results for &#8220;%s&#8221;') . '</span>', get_search_query() ); ?>
189</h2>
190
191<?php
192$message = '';
193if ( ! empty( $_GET['posted'] ) ) {
194	$message = __('Media attachment updated.');
195	$_SERVER['REQUEST_URI'] = remove_query_arg(array('posted'), $_SERVER['REQUEST_URI']);
196}
197
198if ( ! empty( $_GET['attached'] ) && $attached = absint( $_GET['attached'] ) ) {
199	$message = sprintf( _n('Reattached %d attachment.', 'Reattached %d attachments.', $attached), $attached );
200	$_SERVER['REQUEST_URI'] = remove_query_arg(array('attached'), $_SERVER['REQUEST_URI']);
201}
202
203if ( ! empty( $_GET['deleted'] ) && $deleted = absint( $_GET['deleted'] ) ) {
204	$message = sprintf( _n( 'Media attachment permanently deleted.', '%d media attachments permanently deleted.', $deleted ), number_format_i18n( $_GET['deleted'] ) );
205	$_SERVER['REQUEST_URI'] = remove_query_arg(array('deleted'), $_SERVER['REQUEST_URI']);
206}
207
208if ( ! empty( $_GET['trashed'] ) && $trashed = absint( $_GET['trashed'] ) ) {
209	$message = sprintf( _n( 'Media attachment moved to the trash.', '%d media attachments moved to the trash.', $trashed ), number_format_i18n( $_GET['trashed'] ) );
210	$message .= ' <a href="' . esc_url( wp_nonce_url( 'upload.php?doaction=undo&action=untrash&ids='.(isset($_GET['ids']) ? $_GET['ids'] : ''), "bulk-media" ) ) . '">' . __('Undo') . '</a>';
211	$_SERVER['REQUEST_URI'] = remove_query_arg(array('trashed'), $_SERVER['REQUEST_URI']);
212}
213
214if ( ! empty( $_GET['untrashed'] ) && $untrashed = absint( $_GET['untrashed'] ) ) {
215	$message = sprintf( _n( 'Media attachment restored from the trash.', '%d media attachments restored from the trash.', $untrashed ), number_format_i18n( $_GET['untrashed'] ) );
216	$_SERVER['REQUEST_URI'] = remove_query_arg(array('untrashed'), $_SERVER['REQUEST_URI']);
217}
218
219$messages[1] = __('Media attachment updated.');
220$messages[2] = __('Media permanently deleted.');
221$messages[3] = __('Error saving media attachment.');
222$messages[4] = __('Media moved to the trash.') . ' <a href="' . esc_url( wp_nonce_url( 'upload.php?doaction=undo&action=untrash&ids='.(isset($_GET['ids']) ? $_GET['ids'] : ''), "bulk-media" ) ) . '">' . __('Undo') . '</a>';
223$messages[5] = __('Media restored from the trash.');
224
225if ( ! empty( $_GET['message'] ) && isset( $messages[ $_GET['message'] ] ) ) {
226	$message = $messages[ $_GET['message'] ];
227	$_SERVER['REQUEST_URI'] = remove_query_arg(array('message'), $_SERVER['REQUEST_URI']);
228}
229
230if ( !empty($message) ) { ?>
231<div id="message" class="updated"><p><?php echo $message; ?></p></div>
232<?php } ?>
233
234<?php $wp_list_table->views(); ?>
235
236<form id="posts-filter" action="" method="get">
237
238<?php $wp_list_table->search_box( __( 'Search Media' ), 'media' ); ?>
239
240<?php $wp_list_table->display(); ?>
241
242<div id="ajax-response"></div>
243<?php find_posts_div(); ?>
244<br class="clear" />
245
246</form>
247</div>
248
249<?php
250include('./admin-footer.php');