PageRenderTime 37ms CodeModel.GetById 11ms RepoModel.GetById 0ms app.codeStats 0ms

/branches/2.1/wp-admin/upload-functions.php

#
PHP | 357 lines | 308 code | 47 blank | 2 comment | 68 complexity | eba2404f5d61d964dee69a618b7993f6 MD5 | raw file
Possible License(s): AGPL-1.0, LGPL-2.0, LGPL-2.1, GPL-2.0 
    

  1. <?php
    2. 

  2. function wp_upload_display( $dims = false, $href = '' ) {
    3. 

  3. 	global $post;
    4. 

  4. 	$id = get_the_ID();
    5. 

  5. 	$attachment_data = wp_get_attachment_metadata( $id );
    6. 

  6. 	$is_image = (int) wp_attachment_is_image();
    7. 

  7. 	if ( !isset($attachment_data['width']) && $is_image ) {
    8. 

  8. 		if ( $image_data = getimagesize( get_attached_file( $id ) ) ) {
    9. 

  9. 			$attachment_data['width'] = $image_data[0];
    10. 

  10. 			$attachment_data['height'] = $image_data[1];
    11. 

  11. 			wp_update_attachment_metadata( $id, $attachment_data );
    12. 

  12. 		}
    13. 

  13. 	}
    14. 

  14. 	if ( isset($attachment_data['width']) )
    15. 

  15. 		list($width,$height) = wp_shrink_dimensions($attachment_data['width'], $attachment_data['height'], 171, 128);
    16. 

  16. 		
    17. 

  17. 	ob_start();
    18. 

  18. 		the_title();
    19. 

  19. 		$post_title = attribute_escape(ob_get_contents());
    20. 

  20. 	ob_end_clean();
    21. 

  21. 	$post_content = apply_filters( 'content_edit_pre', $post->post_content );
    22. 

  22. 	
    23. 

  23. 	$class = 'text';
    24. 

  24. 	$innerHTML = get_attachment_innerHTML( $id, false, $dims );
    25. 

  25. 	if ( $image_src = get_attachment_icon_src() ) {
    26. 

  26. 		$image_rel = wp_make_link_relative($image_src);
    27. 

  27. 		$innerHTML = '&nbsp;' . str_replace($image_src, $image_rel, $innerHTML);
    28. 

  28. 		$class = 'image';
    29. 

  29. 	}
    30. 

  30. 

  31. 	$src_base = wp_get_attachment_url();
    32. 

  32. 	$src = wp_make_link_relative( $src_base );
    33. 

  33. 	$src_base = str_replace($src, '', $src_base);
    34. 

  34. 

  35. 	$r = '';
    36. 

  36. 

  37. 	if ( $href )
    38. 

  38. 		$r .= "<a id='file-link-$id' href='" . clean_url($href) ."' title='$post_title' class='file-link $class'>\n";
    39. 

  39. 	if ( $href || $image_src )
    40. 

  40. 		$r .= "\t\t\t$innerHTML";
    41. 

  41. 	if ( $href )
    42. 

  42. 		$r .= "</a>\n";
    43. 

  43. 	$r .= "\n\t\t<div class='upload-file-data'>\n\t\t\t<p>\n";
    44. 

  44. 	$r .= "\t\t\t\t<input type='hidden' name='attachment-url-$id' id='attachment-url-$id' value='$src' />\n";
    45. 

  45. 	$r .= "\t\t\t\t<input type='hidden' name='attachment-url-base-$id' id='attachment-url-base-$id' value='$src_base' />\n";
    46. 

  46. 

  47. 	if ( !$thumb_base = wp_get_attachment_thumb_url() )
    48. 

  48. 		$thumb_base = wp_mime_type_icon();
    49. 

  49. 	if ( $thumb_base ) {
    50. 

  50. 		$thumb_rel = wp_make_link_relative( $thumb_base );
    51. 

  51. 		$thumb_base = str_replace( $thumb_rel, '', $thumb_base );
    52. 

  52. 		$r .= "\t\t\t\t<input type='hidden' name='attachment-thumb-url-$id' id='attachment-thumb-url-$id' value='$thumb_rel' />\n";
    53. 

  53. 		$r .= "\t\t\t\t<input type='hidden' name='attachment-thumb-url-base-$id' id='attachment-thumb-url-base-$id' value='$thumb_base' />\n";
    54. 

  54. 	}
    55. 

  55. 

  56. 	$r .= "\t\t\t\t<input type='hidden' name='attachment-is-image-$id' id='attachment-is-image-$id' value='$is_image' />\n";
    57. 

  57. 

  58. 	if ( isset($width) ) {
    59. 

  59. 		$r .= "\t\t\t\t<input type='hidden' name='attachment-width-$id' id='attachment-width-$id' value='$width' />\n";
    60. 

  60. 		$r .= "\t\t\t\t<input type='hidden' name='attachment-height-$id' id='attachment-height-$id' value='$height' />\n";
    61. 

  61. 	}
    62. 

  62. 	$r .= "\t\t\t\t<input type='hidden' name='attachment-page-url-$id' id='attachment-page-url-$id' value='" . get_attachment_link( $id ) . "' />\n";
    63. 

  63. 	$r .= "\t\t\t\t<input type='hidden' name='attachment-title-$id' id='attachment-title-$id' value='$post_title' />\n";
    64. 

  64. 	$r .= "\t\t\t\t<input type='hidden' name='attachment-description-$id' id='attachment-description-$id' value='$post_content' />\n";
    65. 

  65. 	$r .= "\t\t\t</p>\n\t\t</div>\n";
    66. 

  66. 	return $r;
    67. 

  67. }
    68. 

  68. 

  69. function wp_upload_view() {
    70. 

  70. 	global $style, $post_id, $style;
    71. 

  71. 	$id = get_the_ID();
    72. 

  72. 	$attachment_data = wp_get_attachment_metadata( $id );
    73. 

  73. ?>
    74. 

  74. 	<div id="upload-file">
    75. 

  75. 		<div id="file-title">
    76. 

  76. 			<h2><?php if ( !isset($attachment_data['width']) && 'inline' != $style )
    77. 

  77. 					echo "<a href='" . wp_get_attachment_url() . "' title='" . __('Direct link to file') . "'>";
    78. 

  78. 				the_title();
    79. 

  79. 				if ( !isset($attachment_data['width']) && 'inline' != $style )
    80. 

  80. 					echo '</a>';
    81. 

  81. 			?></h2>
    82. 

  82. 			<span><?php
    83. 

  83. 				echo '[&nbsp;';
    84. 

  84. 				echo '<a href="' . get_permalink() . '">' . __('view') . '</a>';
    85. 

  85. 				echo '&nbsp;|&nbsp;';
    86. 

  86. 					echo '<a href="' . clean_url(add_query_arg('action', 'edit')) . '" title="' . __('Edit this file') . '">' . __('edit') . '</a>';
    87. 

  87. 				echo '&nbsp;|&nbsp;';
    88. 

  88. 				echo '<a href="' . clean_url(remove_query_arg(array('action', 'ID'))) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
    89. 

  89. 				echo '&nbsp;]'; ?></span>
    90. 

  90. 		</div>
    91. 

  91. 

  92. 		<div id="upload-file-view" class="alignleft">
    93. 

  93. <?php		if ( isset($attachment_data['width']) && 'inline' != $style )
    94. 

  94. 			echo "<a href='" . wp_get_attachment_url() . "' title='" . __('Direct link to file') . "'>";
    95. 

  95. 		echo wp_upload_display( array(171, 128) );
    96. 

  96. 		if ( isset($attachment_data['width']) && 'inline' != $style )
    97. 

  97. 			echo '</a>'; ?>
    98. 

  98. 		</div>
    99. 

  99. 		<?php the_attachment_links( $id ); ?>
    100. 

  100. 	</div>
    101. 

  101. <?php	echo "<form action='' id='browse-form'><input type='hidden' id='nonce-value' value='" . wp_create_nonce( 'inlineuploading' )  . "' /></form>\n";
    102. 

  102. }
    103. 

  103. 

  104. function wp_upload_form() {
    105. 

  105. 	$id = get_the_ID();
    106. 

  106. 	global $post_id, $tab, $style;
    107. 

  107. 	$enctype = $id ? '' : ' enctype="multipart/form-data"';
    108. 

  108. ?>
    109. 

  109. 	<form<?php echo $enctype; ?> id="upload-file" method="post" action="<?php echo get_option('siteurl') . "/wp-admin/upload.php?style=$style&amp;tab=upload&amp;post_id=$post_id"; ?>">
    110. 

  110. <?php
    111. 

  111. 	if ( $id ) :
    112. 

  112. 		$attachment = get_post_to_edit( $id );
    113. 

  113. 		$attachment_data = wp_get_attachment_metadata( $id );
    114. 

  114. ?>
    115. 

  115. 		<div id="file-title">
    116. 

  116. 			<h2><?php if ( !isset($attachment_data['width']) && 'inline' != $style )
    117. 

  117. 					echo "<a href='" . wp_get_attachment_url() . "' title='" . __('Direct link to file') . "'>";
    118. 

  118. 				the_title();
    119. 

  119. 				if ( !isset($attachment_data['width']) && 'inline' != $style )
    120. 

  120. 					echo '</a>';
    121. 

  121. 			?></h2>
    122. 

  122. 			<span><?php
    123. 

  123. 				echo '[&nbsp;';
    124. 

  124. 				echo '<a href="' . get_permalink() . '">' . __('view') . '</a>';
    125. 

  125. 				echo '&nbsp;|&nbsp;';
    126. 

  126. 					echo '<a href="' . clean_url(add_query_arg('action', 'view')) . '">' . __('links') . '</a>';
    127. 

  127. 				echo '&nbsp;|&nbsp;';
    128. 

  128. 				echo '<a href="' . clean_url(remove_query_arg(array('action','ID'))) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
    129. 

  129. 				echo '&nbsp;]'; ?></span>
    130. 

  130. 		</div>
    131. 

  131. 

  132. 	<div id="upload-file-view" class="alignleft">
    133. 

  133. <?php		if ( isset($attachment_data['width']) && 'inline' != $style )
    134. 

  134. 			echo "<a href='" . wp_get_attachment_url() . "' title='" . __('Direct link to file') . "'>";
    135. 

  135. 		echo wp_upload_display( array(171, 128) );
    136. 

  136. 		if ( isset($attachment_data['width']) && 'inline' != $style )
    137. 

  137. 			echo '</a>'; ?>
    138. 

  138. 	</div>
    139. 

  139. <?php	endif; ?>
    140. 

  140. 		<table><col /><col class="widefat" />
    141. 

  141. <?php	if ( $id ): ?>
    142. 

  142. 			<tr>
    143. 

  143. 				<th scope="row"><label for="url"><?php _e('URL'); ?></label></th>
    144. 

  144. 				<td><input type="text" id="url" class="readonly" value="<?php echo wp_get_attachment_url(); ?>" readonly="readonly" /></td>
    145. 

  145. 			</tr>
    146. 

  146. <?php	else : ?>
    147. 

  147. 			<tr>
    148. 

  148. 				<th scope="row"><label for="upload"><?php _e('File'); ?></label></th>
    149. 

  149. 				<td><input type="file" id="upload" name="image" /></td>
    150. 

  150. 			</tr>
    151. 

  151. <?php	endif; ?>
    152. 

  152. 			<tr>
    153. 

  153. 				<th scope="row"><label for="post_title"><?php _e('Title'); ?></label></th>
    154. 

  154. 				<td><input type="text" id="post_title" name="post_title" value="<?php echo $attachment->post_title; ?>" /></td>
    155. 

  155. 			</tr>
    156. 

  156. 			<tr>
    157. 

  157. 				<th scope="row"><label for="post_content"><?php _e('Description'); ?></label></th>
    158. 

  158. 				<td><textarea name="post_content" id="post_content"><?php echo $attachment->post_content; ?></textarea></td>
    159. 

  159. 			</tr>
    160. 

  160. 			<tr id="buttons" class="submit">
    161. 

  161. 				<td colspan='2'>
    162. 

  162. <?php	if ( $id ) : ?>
    163. 

  163. 					<input type="submit" name="delete" id="delete" class="delete alignleft" value="<?php _e('Delete File'); ?>" />
    164. 

  164. <?php	endif; ?>
    165. 

  165. 					<input type="hidden" name="from_tab" value="<?php echo $tab; ?>" />
    166. 

  166. 					<input type="hidden" name="action" value="<?php echo $id ? 'save' : 'upload'; ?>" />
    167. 

  167. <?php	if ( $post_id ) : ?>
    168. 

  168. 					<input type="hidden" name="post_id" value="<?php echo $post_id; ?>" />
    169. 

  169. <?php	endif; if ( $id ) : ?>
    170. 

  170. 					<input type="hidden" name="ID" value="<?php echo $id; ?>" />
    171. 

  171. <?php	endif; ?>
    172. 

  172. 					<?php wp_nonce_field( 'inlineuploading' ); ?>
    173. 

  173. 					<div class="submit">
    174. 

  174. 						<input type="submit" value="<?php $id ? _e('Save') : _e('Upload'); ?> &raquo;" />
    175. 

  175. 					</div>
    176. 

  176. 				</td>
    177. 

  177. 			</tr>
    178. 

  178. 		</table>
    179. 

  179. 	</form>
    180. 

  180. <?php
    181. 

  181. }
    182. 

  182. 

  183. function wp_upload_tab_upload() {
    184. 

  184. 	wp_upload_form();
    185. 

  185. }
    186. 

  186. 

  187. function wp_upload_tab_upload_action() {
    188. 

  188. 	global $action;
    189. 

  189. 	if ( isset($_POST['delete']) )
    190. 

  190. 		$action = 'delete';
    191. 

  191. 

  192. 	switch ( $action ) :
    193. 

  193. 	case 'upload' :
    194. 

  194. 		global $from_tab, $post_id, $style;
    195. 

  195. 		if ( !$from_tab )
    196. 

  196. 			$from_tab = 'upload';
    197. 

  197. 

  198. 		check_admin_referer( 'inlineuploading' );
    199. 

  199. 

  200. 		global $post_id, $post_title, $post_content;
    201. 

  201. 

  202. 		if ( !current_user_can( 'upload_files' ) )
    203. 

  203. 			wp_die( __('You are not allowed to upload files.')
    204. 

  204. 				. " <a href='" . get_option('siteurl') . "/wp-admin/upload.php?style=$style&amp;tab=browse-all&amp;post_id=$post_id'>"
    205. 

  205. 				. __('Browse Files') . '</a>'
    206. 

  206. 			);
    207. 

  207. 

  208. 		$overrides = array('action'=>'upload');
    209. 

  209. 

  210. 		$file = wp_handle_upload($_FILES['image'], $overrides);
    211. 

  211. 

  212. 		if ( isset($file['error']) )
    213. 

  213. 			wp_die($file['error'] . "<br /><a href='" . get_option('siteurl')
    214. 

  214. 			. "/wp-admin/upload.php?style=$style&amp;tab=$from_tab&amp;post_id=$post_id'>" . __('Back to Image Uploading') . '</a>'
    215. 

  215. 		);
    216. 

  216. 

  217. 		$url = $file['url'];
    218. 

  218. 		$type = $file['type'];
    219. 

  219. 		$file = $file['file'];
    220. 

  220. 		$filename = basename($file);
    221. 

  221. 

  222. 		// Construct the attachment array
    223. 

  223. 		$attachment = array(
    224. 

  224. 			'post_title' => $post_title ? $post_title : $filename,
    225. 

  225. 			'post_content' => $post_content,
    226. 

  226. 			'post_type' => 'attachment',
    227. 

  227. 			'post_parent' => $post_id,
    228. 

  228. 			'post_mime_type' => $type,
    229. 

  229. 			'guid' => $url
    230. 

  230. 		);
    231. 

  231. 

  232. 		// Save the data
    233. 

  233. 		$id = wp_insert_attachment($attachment, $file, $post_id);
    234. 

  234. 

  235. 		wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) );
    236. 

  236. 

  237. 		wp_redirect( get_option('siteurl') . "/wp-admin/upload.php?style=$style&tab=browse&action=view&ID=$id&post_id=$post_id");
    238. 

  238. 		die;
    239. 

  239. 		break;
    240. 

  240. 

  241. 	case 'save' :
    242. 

  242. 		global $from_tab, $post_id, $style;
    243. 

  243. 		if ( !$from_tab )
    244. 

  244. 			$from_tab = 'upload';
    245. 

  245. 		check_admin_referer( 'inlineuploading' );
    246. 

  246. 

  247. 		wp_update_post($_POST);
    248. 

  248. 		wp_redirect( get_option('siteurl') . "/wp-admin/upload.php?style=$style&tab=$from_tab&post_id=$post_id");
    249. 

  249. 		die;
    250. 

  250. 		break;
    251. 

  251. 

  252. 	case 'delete' :
    253. 

  253. 		global $ID, $post_id, $from_tab, $style;
    254. 

  254. 		if ( !$from_tab )
    255. 

  255. 			$from_tab = 'upload';
    256. 

  256. 

  257. 		check_admin_referer( 'inlineuploading' );
    258. 

  258. 

  259. 		if ( !current_user_can('edit_post', (int) $ID) )
    260. 

  260. 			wp_die( __('You are not allowed to delete this attachment.')
    261. 

  261. 				. " <a href='" . get_option('siteurl') . "/wp-admin/upload.php?style=$style&amp;tab=$from_tab&amp;post_id=$post_id'>"
    262. 

  262. 				. __('Go back') . '</a>'
    263. 

  263. 			);
    264. 

  264. 

  265. 		wp_delete_attachment($ID);
    266. 

  266. 

  267. 		wp_redirect( get_option('siteurl') . "/wp-admin/upload.php?style=$style&tab=$from_tab&post_id=$post_id" );
    268. 

  268. 		die;
    269. 

  269. 		break;
    270. 

  270. 

  271. 	endswitch;
    272. 

  272. }
    273. 

  273. 

  274. add_action( 'upload_files_upload', 'wp_upload_tab_upload_action' );
    275. 

  275. 

  276. function wp_upload_grab_attachments( $obj ) {
    277. 

  277. 	$obj->is_attachment = true;
    278. 

  278. }
    279. 

  279. 

  280. function wp_upload_posts_where( $where ) {
    281. 

  281. 	global $post_id;
    282. 

  282. 	return $where . " AND post_parent = '" . (int) $post_id . "'";
    283. 

  283. }
    284. 

  284. 

  285. function wp_upload_tab_browse() {
    286. 

  286. 	global $wpdb, $action, $paged;
    287. 

  287. 	$old_vars = compact( 'paged' );
    288. 

  288. 	
    289. 

  289. 	switch ( $action ) :
    290. 

  290. 	case 'edit' :
    291. 

  291. 	case 'view' :
    292. 

  292. 		global $ID;
    293. 

  293. 		$attachments = query_posts("attachment_id=$ID");
    294. 

  294. 		if ( have_posts() ) : while ( have_posts() ) : the_post();
    295. 

  295. 			'edit' == $action ? wp_upload_form() : wp_upload_view();
    296. 

  296. 		endwhile; endif;
    297. 

  297. 		break;
    298. 

  298. 	default :
    299. 

  299. 		global $tab, $post_id, $style;
    300. 

  300. 		add_action( 'pre_get_posts', 'wp_upload_grab_attachments' );
    301. 

  301. 		if ( 'browse' == $tab && $post_id )
    302. 

  302. 			add_filter( 'posts_where', 'wp_upload_posts_where' );
    303. 

  303. 		$attachments = query_posts("what_to_show=posts&posts_per_page=10&paged=$paged");
    304. 

  304. 		$count_query = "SELECT COUNT(*) FROM $wpdb->posts WHERE post_type = 'attachment'";
    305. 

  305. 		if ( $post_id )
    306. 

  306. 			$count_query .= " AND post_parent = '$post_id'";
    307. 

  307.         	$total =  $wpdb->get_var($count_query);
    308. 

  308. 

  309. 		echo "<ul id='upload-files'>\n";
    310. 

  310. 		if ( have_posts() ) : while ( have_posts() ) : the_post();
    311. 

  311. 			$href = wp_specialchars( add_query_arg( array(
    312. 

  312. 				'action' => 'inline' == $style ? 'view' : 'edit',
    313. 

  313. 				'ID' => get_the_ID())
    314. 

  314. 			 ), 1 );
    315. 

  315. 

  316. 			echo "\t<li id='file-";
    317. 

  317. 			the_ID();
    318. 

  318. 			echo "' class='alignleft'>\n";
    319. 

  319. 			echo wp_upload_display( array(128,128), $href );
    320. 

  320. 			echo "\t</li>\n";
    321. 

  321. 		endwhile;
    322. 

  322. 		else :
    323. 

  323. 			echo "\t<li>" . __('There are no attachments to show.') . "</li>\n";
    324. 

  324. 		endif;
    325. 

  325. 		echo "</ul>\n\n";
    326. 

  326. 

  327. 		echo "<form action='' id='browse-form'><input type='hidden' id='nonce-value' value='" . wp_create_nonce( 'inlineuploading' )  . "' /></form>\n";
    328. 

  328. 		break;
    329. 

  329. 	endswitch;
    330. 

  330. 

  331. 	extract($old_vars);
    332. 

  332. }
    333. 

  333. 

  334. 

  335. function wp_upload_tab_browse_action() {
    336. 

  336. 	global $style;
    337. 

  337. 	if ( 'inline' == $style )
    338. 

  338. 		wp_enqueue_script('upload');
    339. 

  339. }
    340. 

  340. 

  341. add_action( 'upload_files_browse', 'wp_upload_tab_browse_action' );
    342. 

  342. add_action( 'upload_files_browse-all', 'wp_upload_tab_browse_action' );
    343. 

  343. 

  344. function wp_upload_admin_head() {
    345. 

  345. 	global $wp_locale;
    346. 

  346. 	echo "<link rel='stylesheet' href='" . get_option('siteurl') . '/wp-admin/upload.css?version=' . get_bloginfo('version') . "a' type='text/css' />\n";
    347. 

  347. 	if ( 'rtl' == $wp_locale->text_direction )
    348. 

  348. 		echo "<link rel='stylesheet' href='" . get_option('siteurl') . '/wp-admin/upload-rtl.css?version=' . get_bloginfo('version') . "a' type='text/css' />\n";
    349. 

  349. 	if ( 'inline' == @$_GET['style'] ) {
    350. 

  350. 		echo "<style type='text/css' media='screen'>\n";
    351. 

  351. 		echo "\t#upload-menu { position: absolute; z-index: 2; }\n";
    352. 

  352. 		echo "\tbody > #upload-menu { position: fixed; }\n";
    353. 

  353. 		echo "\t#upload-content { top: 2em; }\n";
    354. 

  354. 		echo "\t#upload-file { position: absolute; top: 15px; }\n";
    355. 

  355. 		echo "</style>";
    356. 

  356. 	}
    357. 

  357. }
    358. 

  358.