wp_ajax_upload_attachment()
Ajax handler for uploading attachments
Source
File: wp-admin/includes/ajax-actions.php
function wp_ajax_upload_attachment() {
check_ajax_referer( 'media-form' );
/*
* This function does not use wp_send_json_success() / wp_send_json_error()
* as the html4 Plupload handler requires a text/html content-type for older IE.
* See https://core.trac.wordpress.org/ticket/31037
*/
if ( ! current_user_can( 'upload_files' ) ) {
echo wp_json_encode( array(
'success' => false,
'data' => array(
'message' => __( 'Sorry, you are not allowed to upload files.' ),
'filename' => esc_html( $_FILES['async-upload']['name'] ),
)
) );
wp_die();
}
if ( isset( $_REQUEST['post_id'] ) ) {
$post_id = $_REQUEST['post_id'];
if ( ! current_user_can( 'edit_post', $post_id ) ) {
echo wp_json_encode( array(
'success' => false,
'data' => array(
'message' => __( 'Sorry, you are not allowed to attach files to this post.' ),
'filename' => esc_html( $_FILES['async-upload']['name'] ),
)
) );
wp_die();
}
} else {
$post_id = null;
}
$post_data = ! empty( $_REQUEST['post_data'] ) ? _wp_get_allowed_postdata( _wp_translate_postdata( false, (array) $_REQUEST['post_data'] ) ) : array();
if ( is_wp_error( $post_data ) ) {
wp_die( $post_data->get_error_message() );
}
// If the context is custom header or background, make sure the uploaded file is an image.
if ( isset( $post_data['context'] ) && in_array( $post_data['context'], array( 'custom-header', 'custom-background' ) ) ) {
$wp_filetype = wp_check_filetype_and_ext( $_FILES['async-upload']['tmp_name'], $_FILES['async-upload']['name'] );
if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) {
echo wp_json_encode( array(
'success' => false,
'data' => array(
'message' => __( 'The uploaded file is not a valid image. Please try again.' ),
'filename' => esc_html( $_FILES['async-upload']['name'] ),
)
) );
wp_die();
}
}
$attachment_id = media_handle_upload( 'async-upload', $post_id, $post_data );
if ( is_wp_error( $attachment_id ) ) {
echo wp_json_encode( array(
'success' => false,
'data' => array(
'message' => $attachment_id->get_error_message(),
'filename' => esc_html( $_FILES['async-upload']['name'] ),
)
) );
wp_die();
}
if ( isset( $post_data['context'] ) && isset( $post_data['theme'] ) ) {
if ( 'custom-background' === $post_data['context'] )
update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', $post_data['theme'] );
if ( 'custom-header' === $post_data['context'] )
update_post_meta( $attachment_id, '_wp_attachment_is_custom_header', $post_data['theme'] );
}
if ( ! $attachment = wp_prepare_attachment_for_js( $attachment_id ) )
wp_die();
echo wp_json_encode( array(
'success' => true,
'data' => $attachment,
) );
wp_die();
}
Changelog
Version | Description |
---|---|
WP-3.3.0 | Introduced. |