$_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
} elseif (empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie'])) {
$_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie'];
}
if (empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie'])) {
$_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie'];
}
// don't ask me why, sometimes needed, taken from wp core
unset($current_user);
// admin.php require a proper login cookie
require_once ABSPATH . '/wp-admin/admin.php';
header('Content-Type: text/plain; charset=' . get_option('blog_charset'));
//check for correct capability
if (!is_user_logged_in()) {
die('Login failure. -1');
}
//check for correct capability
if (!current_user_can('NextGEN Upload images')) {
die('You do not have permission to upload files. -2');
}
//check for correct nonce
check_admin_referer('ngg_swfupload');
//check for nggallery
if (!defined('NGGALLERY_ABSPATH')) {
die('NextGEN Gallery not available. -3');
}
include_once NGGALLERY_ABSPATH . 'admin/functions.php';
// get the gallery
$galleryID = (int) $_POST['galleryselect'];
echo nggAdmin::swfupload_image($galleryID);
