function flag_ajax_operation()
{
global $wpdb;
// if nonce is not correct it returns -1
check_ajax_referer("flag-ajax");
// check for correct capability
if (!is_user_logged_in()) {
die('-1');
}
// check for correct FlAG capability
if (!current_user_can('FlAG Upload images') || !current_user_can('FlAG Manage gallery')) {
die('-1');
}
// include the flag function
include_once dirname(__FILE__) . '/functions.php';
// Get the image id
if (isset($_POST['image'])) {
$id = (int) $_POST['image'];
// let's get the image data
$picture = flagdb::find_image($id);
// what do you want to do ?
switch ($_POST['operation']) {
case 'create_thumbnail':
$result = flagAdmin::create_thumbnail($picture);
break;
case 'resize_image':
$result = flagAdmin::resize_image($picture);
break;
case 'webview_image':
$result = flagAdmin::webview_image($picture);
break;
case 'import_metadata':
$result = flagAdmin::import_MetaData($id);
break;
case 'copy_metadata':
$result = flagAdmin::copy_MetaData($id);
break;
case 'get_image_ids':
$result = flagAdmin::get_image_ids($id);
break;
default:
do_action('flag_ajax_' . sanitize_key($_POST['operation']));
die('-1');
break;
}
// A success should return a '1'
die($result);
}
// The script should never stop here
die('0');
}