Index: wp-includes/post.php =================================================================== --- wp-includes/post.php (revision 11807) +++ wp-includes/post.php (working copy) @@ -1264,7 +1264,7 @@ do_action('untrash_post', $postid); - $post['post_status'] = 'draft'; + $post['post_status'] = ($post->post_type == 'attachment') ? 'inherit' : 'draft'; $trash_meta = get_option('wp_trash_meta'); if ( is_array($trash_meta) && isset($trash_meta['posts'][$postid]) ) { Index: wp-includes/js/swfupload/handlers.dev.js =================================================================== --- wp-includes/js/swfupload/handlers.dev.js (revision 11807) +++ wp-includes/js/swfupload/handlers.dev.js (working copy) @@ -78,7 +78,7 @@ // Tell the server to delete it. TODO: handle exceptions jQuery.ajax({url:'admin-ajax.php',type:'post',success:deleteSuccess,error:deleteError,id:fileObj.id,data:{ id : this.id.replace(/[^0-9]/g,''), - action : 'delete-post', + action : 'trash-post', _ajax_nonce : this.href.replace(/^.*wpnonce=/,'')} }); return false; Index: wp-includes/capabilities.php =================================================================== --- wp-includes/capabilities.php (revision 11807) +++ wp-includes/capabilities.php (working copy) @@ -775,6 +775,11 @@ // If the post is published... if ( 'publish' == $post->post_status ) $caps[] = 'delete_published_posts'; + elseif ( 'trash' == $post->post_status ) { + $trash_meta = get_option('wp_trash_meta'); + if (is_array($trash_meta) && isset($trash_meta['posts'][$post->ID]['status']) && $trash_meta['posts'][$post->ID]['status'] == 'publish') + $caps[] = 'delete_published_posts'; + } else // If the post is draft... $caps[] = 'delete_posts'; @@ -799,6 +804,11 @@ // If the page is published... if ( $page->post_status == 'publish' ) $caps[] = 'delete_published_pages'; + elseif ( 'trash' == $page->post_status ) { + $trash_meta = get_option('wp_trash_meta'); + if (is_array($trash_meta) && isset($trash_meta['posts'][$page->ID]['status']) && $trash_meta['posts'][$page->ID]['status'] == 'publish') + $caps[] = 'delete_published_pages'; + } else // If the page is draft... $caps[] = 'delete_pages'; @@ -829,6 +839,11 @@ // If the post is published... if ( 'publish' == $post->post_status ) $caps[] = 'edit_published_posts'; + elseif ( 'trash' == $post->post_status ) { + $trash_meta = get_option('wp_trash_meta'); + if (is_array($trash_meta) && isset($trash_meta['posts'][$post->ID]['status']) && $trash_meta['posts'][$post->ID]['status'] == 'publish') + $caps[] = 'edit_published_posts'; + } else // If the post is draft... $caps[] = 'edit_posts'; @@ -853,6 +868,11 @@ // If the page is published... if ( 'publish' == $page->post_status ) $caps[] = 'edit_published_pages'; + elseif ( 'trash' == $page->post_status ) { + $trash_meta = get_option('wp_trash_meta'); + if (is_array($trash_meta) && isset($trash_meta['posts'][$page->ID]['status']) && $trash_meta['posts'][$page->ID]['status'] == 'publish') + $caps[] = 'edit_published_pages'; + } else // If the page is draft... $caps[] = 'edit_pages'; Index: wp-admin/edit-comments.php =================================================================== --- wp-admin/edit-comments.php (revision 11807) +++ wp-admin/edit-comments.php (working copy) @@ -303,7 +303,7 @@ if ( ( 'spam' == $comment_status || 'trash' == $comment_status) && current_user_can ('moderate_comments') ) { wp_nonce_field('bulk-destroy', '_destroy_nonce'); - if ( 'spam' == $comment_status ) { ?> + if ( 'spam' == $comment_status && current_user_can('moderate_comments') ) { ?> @@ -375,7 +375,7 @@ - + Index: wp-admin/admin-ajax.php =================================================================== --- wp-admin/admin-ajax.php (revision 11807) +++ wp-admin/admin-ajax.php (working copy) @@ -312,6 +312,19 @@ else die('0'); break; +case 'trash-post' : + check_ajax_referer( "{$action}_$id" ); + if ( !current_user_can( 'delete_post', $id ) ) + die('-1'); + + if ( !get_post( $id ) ) + die('1'); + + if ( wp_trash_post( $id ) ) + die('1'); + else + die('0'); + break; case 'delete-page' : check_ajax_referer( "{$action}_$id" ); if ( !current_user_can( 'delete_page', $id ) ) Index: wp-admin/includes/template.php =================================================================== --- wp-admin/includes/template.php (revision 11807) +++ wp-admin/includes/template.php (working copy) @@ -1439,9 +1439,11 @@ the_excerpt(); $actions = array(); - if ( 'trash' == $post->post_status && current_user_can('delete_post', $post->ID) ) { - $actions['untrash'] = "ID) . "'>" . __('Restore') . ""; - $actions['delete'] = "ID) . "'>" . __('Delete Permanently') . ""; + if ('trash' == $post->post_status) { + if (current_user_can('delete_post', $post->ID)) { + $actions['untrash'] = "ID) . "'>" . __('Restore') . ""; + $actions['delete'] = "ID) . "'>" . __('Delete Permanently') . ""; + } } else { if ( current_user_can('edit_post', $post->ID) ) { $actions['edit'] = '' . __('Edit') . ''; Index: wp-admin/includes/media.php =================================================================== --- wp-admin/includes/media.php (revision 11807) +++ wp-admin/includes/media.php (working copy) @@ -1062,9 +1062,12 @@ } $output = ''; - foreach ( (array) $attachments as $id => $attachment ) + foreach ( (array) $attachments as $id => $attachment ) { + if ( $attachment->post_status == 'trash' ) + continue; if ( $item = get_media_item( $id, array( 'errors' => isset($errors[$id]) ? $errors[$id] : null) ) ) $output .= "\n
$item\n
"; + } return $output; } @@ -1166,11 +1169,11 @@ 'extra_rows' => array(), ); - $delete_href = wp_nonce_url("post.php?action=trash&post=$attachment_id", 'delete-post_' . $attachment_id); + $delete_href = wp_nonce_url("post.php?action=trash&post=$attachment_id", 'trash-post_' . $attachment_id); if ( $send ) $send = ""; if ( $delete ) - $delete = "" . __('Move to Trash') . ""; + $delete = current_user_can('delete_post', $attachment_id) ? "" . __('Move to Trash') . "" : ""; if ( ( $send || $delete ) && !isset($form_fields['buttons']) ) $form_fields['buttons'] = array('tr' => "\t\t$send $delete\n"); Index: wp-admin/edit-attachment-rows.php =================================================================== --- wp-admin/edit-attachment-rows.php (revision 11807) +++ wp-admin/edit-attachment-rows.php (working copy) @@ -59,7 +59,7 @@ case 'cb': ?> - + ID)) { ?> ID) ) { - $actions['untrash'] = "ID) . "'>" . __('Restore') . ""; - $actions['delete'] = "ID) . "'>" . __('Delete Permanently') . ""; + if ($is_trash) { + if (current_user_can('delete_post', $post->ID)) { + $actions['untrash'] = "ID) . "'>" . __('Restore') . ""; + $actions['delete'] = "ID) . "'>" . __('Delete Permanently') . ""; + } } else { if ( current_user_can('edit_post', $post->ID) ) $actions['edit'] = '' . __('Edit') . ''; Index: wp-admin/upload.php =================================================================== --- wp-admin/upload.php (revision 11807) +++ wp-admin/upload.php (working copy) @@ -321,7 +321,7 @@ - + @@ -362,7 +362,7 @@ $att_title = esc_html( _draft_or_post_title($post->ID) ); ?> - + ID)) { ?> ID, array(80, 60), true ) ) { ?> @@ -446,7 +446,7 @@ - + Index: wp-admin/edit-form-comment.php =================================================================== --- wp-admin/edit-form-comment.php (revision 11807) +++ wp-admin/edit-form-comment.php (working copy) @@ -68,7 +68,7 @@
-comment_ID&_wp_original_http_referer=" . urlencode(wp_get_referer()), 'delete-comment_' . $comment->comment_ID) . "'>" . __('Move to Trash') . "\n"; ?> +comment_ID&_wp_original_http_referer=" . urlencode(wp_get_referer()), 'trash-comment_' . $comment->comment_ID) . "'>" . __('Move to Trash') . "\n"; ?>