Permalink
Browse files

Restrict post IDs

git-svn-id: http://core.svn.wordpress.org/trunk@21048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  • Loading branch information...
1 parent e035513 commit b49c243443ce4f7a640b87c14fca184197c10baa ryan committed Jun 10, 2012
Showing with 8 additions and 0 deletions.
  1. +8 −0 wp-admin/media-upload.php
@@ -37,6 +37,9 @@
if ( isset($_GET['inline']) ) {
$errors = array();
+ if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post' , $_REQUEST['post_id'] ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
+
if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
check_admin_referer('media-form');
// Upload File button was clicked
@@ -59,6 +62,9 @@
exit;
}
+ if ( isset( $_REQUEST['post_id'] ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
+
$title = __('Upload New Media');
$parent_file = 'upload.php';
get_current_screen()->add_help_tab( array(
@@ -116,6 +122,8 @@
include('./admin-footer.php');
} else {
+ if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post' , $_REQUEST['post_id'] ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
// upload type: image, video, file, ..?
if ( isset($_GET['type']) )

0 comments on commit b49c243

Please sign in to comment.