File: /var/www/dk/wp-content/themes/food/page-wp_upload_img.php
<?php
/* Template Name: wp_upload_img */
?>
<?php
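/*
 * Front-end media endpoint implemented as a page template.
 *
 * Routing, as written:
 *   - any query string present  -> "act" selects `delimg` or `get_url`
 *   - no query string           -> multipart upload of the `images` file field
 *
 * Every value read from $_GET / $_POST / $_FILES below is client-controlled.
 */
if ($_GET) {
    // `act` may be absent even when other query parameters are present.
    $action = $_GET['act'] ?? '';

    if ($action === 'delimg') {
        $filename = $_POST['imagename'] ?? '';
        // The attachment ID arrives in `imagelink`; force it to an integer
        // before it reaches wp_delete_attachment().
        $attachment_id = (int) ($_POST['imagelink'] ?? 0);

        // NOTE(review): no authentication, capability or nonce check is visible
        // in this template before the attachment is deleted, and the ID is not
        // tied to the requester. The upload branch below at least requires the
        // shared token; this branch requires nothing. Unless a hook elsewhere
        // gates this page, add an ownership/capability check (and a nonce for
        // browser clients) here. Left unchanged because the client contract
        // is not visible from this file.
        if (!empty($filename)) {
            echo wp_delete_attachment($attachment_id) ? '1' : '删除失败.';
            exit;
        }
    } elseif ($action === 'get_url') {
        // Look up the full-size URL of an attachment by numeric ID.
        // NOTE(review): this resolves any attachment ID without an access
        // check — confirm that is acceptable for non-public media.
        $file_id = intval($_GET['file_id'] ?? 0);
        $image_url = wp_get_attachment_image_url($file_id, 'full');

        echo wp_json_encode(array(
            'id' => $file_id,
            'url' => $image_url,
        ));
    }
} else {
    // Both fields are mandatory. The messages mention a nonce, but only the
    // presence of the parameters is tested here.
    if (!isset($_POST['user_id'])) {
        echo wp_json_encode(array(
            'rc' => ApiErrorDesc::ERR_PARAMS[0],
            'msg' => 'Sorry, your nonce did not verify. 1'
        ));
        exit;
    }
    if (!isset($_POST['img_upload_verify'])) {
        echo wp_json_encode(array(
            'rc' => ApiErrorDesc::ERR_PARAMS[0],
            'msg' => 'Sorry, your nonce did not verify. 2',
        ));
        exit;
    }

    // NOTE(review): `user_id` is taken from the request body and only checked
    // for being non-zero; nothing here proves the caller is that user.
    $user_id = intval($_POST['user_id']);

    // Validate the upload token. The comparison is done on strings with
    // hash_equals() so that PHP's loose `!=` type juggling (numeric-looking
    // strings, null vs 0) cannot make two different tokens compare equal, and
    // so the check runs in constant time.
    // NOTE(review): the expected value is a constant from Config, i.e. a static
    // secret shared by every client rather than a per-user/per-request nonce.
    // A wp_verify_nonce() check appears to have been used here previously.
    $supplied_token = CheckFunc::checkInput2('img_upload_verify');
    $supplied_token = is_scalar($supplied_token) ? (string) $supplied_token : '';
    $token_ok = hash_equals((string) Config::IMG_UPLOAD_VERIFY[0], $supplied_token);

    if ($user_id === 0 || !$token_ok) {
        echo wp_json_encode(array(
            'rc' => ApiErrorDesc::ERR_PARAMS[0],
            'msg' => 'Sorry, your nonce did not verify. 3',
        ));
    } else {
        // Metadata of the posted file as reported by the client. A missing
        // `images` field falls through to the upload-error path below.
        // NOTE(review): assumes a single file (scalar name/size/type), not an
        // `images[]` array — confirm against the client.
        $images = $_FILES['images'] ?? array('name' => '', 'size' => 0, 'type' => '');
        $filenames = $images['name'];
        $picsize = $images['size'];
        $pictype = $images['type'];

        // These three admin includes are required to use media_handle_upload()
        // from the front end.
        require_once(ABSPATH . 'wp-admin/includes/image.php');
        require_once(ABSPATH . 'wp-admin/includes/file.php');
        require_once(ABSPATH . 'wp-admin/includes/media.php');

        // Let WordPress process the upload; 'images' is the name of the file
        // field in the submitted form. The attachment is not bound to a post.
        $attachment_id = media_handle_upload('images', '');

        if (is_wp_error($attachment_id)) {
            // NOTE(review): unlike every other response here this is plain
            // text/HTML rather than JSON; kept as-is for existing clients.
            echo '上传出错时的处理<br>';
        } else {
            $upimgifno = wp_get_attachment_image_src($attachment_id, 'full', true);
            $picname = basename($upimgifno[0]);

            // Extension and MIME type below come from the client-supplied
            // filename and Content-Type, not from the stored attachment;
            // consumers of this response must not treat them as authoritative.
            $ext = pathinfo($filenames, PATHINFO_EXTENSION);
            $size = round($picsize / 1024, 2); // size in KiB, two decimals

            // Videos have no image sizes, so use the plain attachment URL.
            if ($ext == 'mp4') {
                $image_url = wp_get_attachment_url($attachment_id);
            } else {
                $image_url = wp_get_attachment_image_url($attachment_id, 'full');
            }

            echo wp_json_encode(array(
                'rc' => 0,
                'msg' => ApiErrorDesc::SUCCESS[1],
                'id' => $attachment_id,
                'url' => $image_url,
                'ext' => $ext,
                'caption' => $picname,
                'size' => $size,
                'type' => $pictype, // e.g. "image/jpeg", as sent by the client
                'key' => $attachment_id,
            ));
        }
    }
    exit;
}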