Edit File by line

<?php

[0] Fix | Delete

/**

[1] Fix | Delete

* Manage media uploaded file.

[2] Fix | Delete

[3] Fix | Delete

* There are many filters in here for media. Plugins can extend functionality

[4] Fix | Delete

* by hooking into the filters.

[5] Fix | Delete

[6] Fix | Delete

* @package WordPress

[7] Fix | Delete

* @subpackage Administration

[8] Fix | Delete

[9] Fix | Delete

[10] Fix | Delete

if ( ! isset( $_GET['inline'] ) ) {

[11] Fix | Delete

define( 'IFRAME_REQUEST', true );

[12] Fix | Delete

}

[13] Fix | Delete

[14] Fix | Delete

/** Load WordPress Administration Bootstrap */

[15] Fix | Delete

require_once __DIR__ . '/admin.php';

[16] Fix | Delete

[17] Fix | Delete

if ( ! current_user_can( 'upload_files' ) ) {

[18] Fix | Delete

wp_die( __( 'Sorry, you are not allowed to upload files.' ), 403 );

[19] Fix | Delete

}

[20] Fix | Delete

[21] Fix | Delete

wp_enqueue_script( 'plupload-handlers' );

[22] Fix | Delete

wp_enqueue_script( 'image-edit' );

[23] Fix | Delete

wp_enqueue_script( 'set-post-thumbnail' );

[24] Fix | Delete

wp_enqueue_style( 'imgareaselect' );

[25] Fix | Delete

wp_enqueue_script( 'media-gallery' );

[26] Fix | Delete

[27] Fix | Delete

header( 'Content-Type: ' . get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' ) );

[28] Fix | Delete

[29] Fix | Delete

// IDs should be integers.

[30] Fix | Delete

$ID = isset( $ID ) ? (int) $ID : 0; // phpcs:ignore WordPress.NamingConventions.ValidVariableName

[31] Fix | Delete

$post_id = isset( $post_id ) ? (int) $post_id : 0;

[32] Fix | Delete

[33] Fix | Delete

// Require an ID for the edit screen.

[34] Fix | Delete

if ( isset( $action ) && 'edit' === $action && ! $ID ) { // phpcs:ignore WordPress.NamingConventions.ValidVariableName

[35] Fix | Delete

wp_die(

[36] Fix | Delete

'<h1>' . __( 'Something went wrong.' ) . '</h1>' .

[37] Fix | Delete

'<p>' . __( 'Invalid item ID.' ) . '</p>',

[38] Fix | Delete

403

[39] Fix | Delete

);

[40] Fix | Delete

}

[41] Fix | Delete

[42] Fix | Delete

if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post', $_REQUEST['post_id'] ) ) {

[43] Fix | Delete

wp_die(

[44] Fix | Delete

'<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' .

[45] Fix | Delete

'<p>' . __( 'Sorry, you are not allowed to edit this item.' ) . '</p>',

[46] Fix | Delete

403

[47] Fix | Delete

);

[48] Fix | Delete

}

[49] Fix | Delete

[50] Fix | Delete

// Upload type: image, video, file, ...?

[51] Fix | Delete

if ( isset( $_GET['type'] ) ) {

[52] Fix | Delete

$type = (string) $_GET['type'];

[53] Fix | Delete

} else {

[54] Fix | Delete

/**

[55] Fix | Delete

* Filters the default media upload type in the legacy (pre-3.5.0) media popup.

[56] Fix | Delete

[57] Fix | Delete

* @since 2.5.0

[58] Fix | Delete

[59] Fix | Delete

* @param string $type The default media upload type. Possible values include

[60] Fix | Delete

* 'image', 'audio', 'video', 'file', etc. Default 'file'.

[61] Fix | Delete

[62] Fix | Delete

$type = apply_filters( 'media_upload_default_type', 'file' );

[63] Fix | Delete

}

[64] Fix | Delete

[65] Fix | Delete

// Tab: gallery, library, or type-specific.

[66] Fix | Delete

if ( isset( $_GET['tab'] ) ) {

[67] Fix | Delete

$tab = (string) $_GET['tab'];

[68] Fix | Delete

} else {

[69] Fix | Delete

/**

[70] Fix | Delete

* Filters the default tab in the legacy (pre-3.5.0) media popup.

[71] Fix | Delete

[72] Fix | Delete

* @since 2.5.0

[73] Fix | Delete

[74] Fix | Delete

* @param string $tab The default media popup tab. Default 'type' (From Computer).

[75] Fix | Delete

[76] Fix | Delete

$tab = apply_filters( 'media_upload_default_tab', 'type' );

[77] Fix | Delete

}

[78] Fix | Delete

[79] Fix | Delete

$body_id = 'media-upload';

[80] Fix | Delete

[81] Fix | Delete

// Let the action code decide how to handle the request.

[82] Fix | Delete

if ( 'type' === $tab || 'type_url' === $tab || ! array_key_exists( $tab, media_upload_tabs() ) ) {

[83] Fix | Delete

/**

[84] Fix | Delete

* Fires inside specific upload-type views in the legacy (pre-3.5.0)

[85] Fix | Delete

* media popup based on the current tab.

[86] Fix | Delete

[87] Fix | Delete

* The dynamic portion of the hook name, `$type`, refers to the specific

[88] Fix | Delete

* media upload type. Possible values include 'image', 'audio', 'video',

[89] Fix | Delete

* 'file', etc.

[90] Fix | Delete

[91] Fix | Delete

* The hook only fires if the current `$tab` is 'type' (From Computer),

[92] Fix | Delete

* 'type_url' (From URL), or, if the tab does not exist (i.e., has not

[93] Fix | Delete

* been registered via the {@see 'media_upload_tabs'} filter.

[94] Fix | Delete

[95] Fix | Delete

* @since 2.5.0

[96] Fix | Delete

[97] Fix | Delete

do_action( "media_upload_{$type}" );

[98] Fix | Delete

} else {

[99] Fix | Delete

/**

[100] Fix | Delete

* Fires inside limited and specific upload-tab views in the legacy

[101] Fix | Delete

* (pre-3.5.0) media popup.

[102] Fix | Delete

[103] Fix | Delete

* The dynamic portion of the hook name, `$tab`, refers to the specific

[104] Fix | Delete

* media upload tab. Possible values include 'library' (Media Library),

[105] Fix | Delete

* or any custom tab registered via the {@see 'media_upload_tabs'} filter.

[106] Fix | Delete

[107] Fix | Delete

* @since 2.5.0

[108] Fix | Delete

[109] Fix | Delete

do_action( "media_upload_{$tab}" );

[110] Fix | Delete

}

[111] Fix | Delete

[112] Fix | Delete

[113] Fix | Delete