| 1 | Index: xmlrpc.php |
|---|
| 2 | =================================================================== |
|---|
| 3 | --- xmlrpc.php (revision 5279) |
|---|
| 4 | +++ xmlrpc.php (working copy) |
|---|
| 5 | @@ -939,12 +939,12 @@ |
|---|
| 6 | // Let WordPress generate the post_name (slug) unless |
|---|
| 7 | // one has been provided. |
|---|
| 8 | $post_name = ""; |
|---|
| 9 | - if(!empty($content_struct["wp_slug"])) { |
|---|
| 10 | + if(isset($content_struct["wp_slug"])) { |
|---|
| 11 | $post_name = $content_struct["wp_slug"]; |
|---|
| 12 | } |
|---|
| 13 | |
|---|
| 14 | // Only use a password if one was given. |
|---|
| 15 | - if(!empty($content_struct["wp_password"])) { |
|---|
| 16 | + if(isset($content_struct["wp_password"])) { |
|---|
| 17 | $post_password = $content_struct["wp_password"]; |
|---|
| 18 | } |
|---|
| 19 | |
|---|
| 20 | @@ -954,14 +954,17 @@ |
|---|
| 21 | } |
|---|
| 22 | |
|---|
| 23 | // Only set the menu_order if it was provided. |
|---|
| 24 | - if(!empty($content_struct["wp_page_order"])) { |
|---|
| 25 | + if(isset($content_struct["wp_page_order"])) { |
|---|
| 26 | $menu_order = $content_struct["wp_page_order"]; |
|---|
| 27 | } |
|---|
| 28 | |
|---|
| 29 | $post_author = $user->ID; |
|---|
| 30 | |
|---|
| 31 | // If an author id was provided then use it instead. |
|---|
| 32 | - if(!empty($content_struct["wp_author_id"])) { |
|---|
| 33 | + if( |
|---|
| 34 | + isset($content_struct["wp_author_id"]) |
|---|
| 35 | + && ($user->ID != $content_struct["wp_author_id"]) |
|---|
| 36 | + ) { |
|---|
| 37 | switch($post_type) { |
|---|
| 38 | case "post": |
|---|
| 39 | if(!current_user_can("edit_others_posts")) { |
|---|
| 40 | @@ -989,13 +992,33 @@ |
|---|
| 41 | $post_excerpt = $content_struct['mt_excerpt']; |
|---|
| 42 | $post_more = $content_struct['mt_text_more']; |
|---|
| 43 | |
|---|
| 44 | - $comment_status = (!isset($content_struct['mt_allow_comments'])) ? |
|---|
| 45 | - get_option('default_comment_status') |
|---|
| 46 | - : $content_struct['mt_allow_comments']; |
|---|
| 47 | + if(isset($content_struct["mt_allow_comments"])) { |
|---|
| 48 | + switch((int) $content_struct["mt_allow_comments"]) { |
|---|
| 49 | + case 0: |
|---|
| 50 | + $comment_status = "closed"; |
|---|
| 51 | + break; |
|---|
| 52 | + case 1: |
|---|
| 53 | + $comment_status = "open"; |
|---|
| 54 | + break; |
|---|
| 55 | + default: |
|---|
| 56 | + $comment_status = get_option("default_comment_status"); |
|---|
| 57 | + break; |
|---|
| 58 | + } |
|---|
| 59 | + } |
|---|
| 60 | |
|---|
| 61 | - $ping_status = (!isset($content_struct['mt_allow_pings'])) ? |
|---|
| 62 | - get_option('default_ping_status') |
|---|
| 63 | - : $content_struct['mt_allow_pings']; |
|---|
| 64 | + if(isset($content_struct["mt_allow_pings"])) { |
|---|
| 65 | + switch((int) $content_struct["mt_allow_pings"]) { |
|---|
| 66 | + case 0: |
|---|
| 67 | + $ping_status = "closed"; |
|---|
| 68 | + break; |
|---|
| 69 | + case 1: |
|---|
| 70 | + $ping_status = "open"; |
|---|
| 71 | + break; |
|---|
| 72 | + default: |
|---|
| 73 | + $ping_status = get_option("default_ping_status"); |
|---|
| 74 | + break; |
|---|
| 75 | + } |
|---|
| 76 | + } |
|---|
| 77 | |
|---|
| 78 | if ($post_more) { |
|---|
| 79 | $post_content = $post_content . "\n<!--more-->\n" . $post_more; |
|---|
| 80 | @@ -1073,7 +1096,7 @@ |
|---|
| 81 | return $this->error; |
|---|
| 82 | } |
|---|
| 83 | |
|---|
| 84 | - set_current_user(0, $user_login); |
|---|
| 85 | + $user = set_current_user(0, $user_login); |
|---|
| 86 | |
|---|
| 87 | // The post_type defaults to post, but could also be page. |
|---|
| 88 | $post_type = "post"; |
|---|
| 89 | @@ -1102,12 +1125,12 @@ |
|---|
| 90 | |
|---|
| 91 | // Let WordPress manage slug if none was provided. |
|---|
| 92 | $post_name = ""; |
|---|
| 93 | - if(!empty($content_struct["wp_slug"])) { |
|---|
| 94 | + if(isset($content_struct["wp_slug"])) { |
|---|
| 95 | $post_name = $content_struct["wp_slug"]; |
|---|
| 96 | } |
|---|
| 97 | |
|---|
| 98 | // Only use a password if one was given. |
|---|
| 99 | - if(!empty($content_struct["wp_password"])) { |
|---|
| 100 | + if(isset($content_struct["wp_password"])) { |
|---|
| 101 | $post_password = $content_struct["wp_password"]; |
|---|
| 102 | } |
|---|
| 103 | |
|---|
| 104 | @@ -1117,12 +1140,17 @@ |
|---|
| 105 | } |
|---|
| 106 | |
|---|
| 107 | // Only set the menu_order if it was given. |
|---|
| 108 | - if(!empty($content_struct["wp_page_order"])) { |
|---|
| 109 | + if(isset($content_struct["wp_page_order"])) { |
|---|
| 110 | $menu_order = $content_struct["wp_page_order"]; |
|---|
| 111 | } |
|---|
| 112 | |
|---|
| 113 | + $post_author = $user->ID; |
|---|
| 114 | + |
|---|
| 115 | // Only set the post_author if one is set. |
|---|
| 116 | - if(!empty($content_struct["wp_author_id"])) { |
|---|
| 117 | + if( |
|---|
| 118 | + isset($content_struct["wp_author_id"]) |
|---|
| 119 | + && ($user->ID != $content_struct["wp_author_id"]) |
|---|
| 120 | + ) { |
|---|
| 121 | switch($post_type) { |
|---|
| 122 | case "post": |
|---|
| 123 | if(!current_user_can("edit_others_posts")) { |
|---|
| 124 | @@ -1145,11 +1173,11 @@ |
|---|
| 125 | |
|---|
| 126 | // Only set ping_status if it was provided. |
|---|
| 127 | if(isset($content_struct["mt_allow_pings"])) { |
|---|
| 128 | - switch($content_struct["mt_allow_pings"]) { |
|---|
| 129 | - case "0": |
|---|
| 130 | + switch((int) $content_struct["mt_allow_pings"]) { |
|---|
| 131 | + case 0: |
|---|
| 132 | $ping_status = "closed"; |
|---|
| 133 | break; |
|---|
| 134 | - case "1": |
|---|
| 135 | + case 1: |
|---|
| 136 | $ping_status = "open"; |
|---|
| 137 | break; |
|---|
| 138 | } |
|---|
| 139 | @@ -1187,7 +1215,7 @@ |
|---|
| 140 | $to_ping = implode(' ', $to_ping); |
|---|
| 141 | |
|---|
| 142 | if(isset($content_struct["mt_allow_comments"])) { |
|---|
| 143 | - $comment_status = $content_struct["mt_allow_comments"]; |
|---|
| 144 | + $comment_status = (int) $content_struct["mt_allow_comments"]; |
|---|
| 145 | } |
|---|
| 146 | |
|---|
| 147 | // Do some timestamp voodoo |
|---|
