Index: wp-mail.php =================================================================== --- wp-mail.php (revision 6199) +++ wp-mail.php (working copy) @@ -27,6 +27,8 @@ $content_transfer_encoding = ''; $boundary = ''; $bodysignal = 0; + $post_author = 1; + $author_found = false; $dmonths = array('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'); foreach ($message as $line) : if (strlen($line) < 3) $bodysignal = 1; @@ -60,21 +62,26 @@ $subject = $subject[0]; } - // Set the author using the email address (To or Reply-To, the last used) + // Set the author using the email address (From or Reply-To, the last used) // otherwise use the site admin if (preg_match('/From: /', $line) | preg_match('/Reply-To: /', $line)) { $author=trim($line); - if ( ereg("([a-zA-Z0-9\_\-\.]+@[\a-zA-z0-9\_\-\.]+)", $author , $regs) ) { + if ( ereg("([a-zA-Z0-9_.-]+@[a-zA-Z0-9_.-]+)", $author , $regs) ) { $author = $regs[1]; echo "Author = {$author}

"; $author = $wpdb->escape($author); $result = $wpdb->get_row("SELECT ID FROM $wpdb->users WHERE user_email='$author' LIMIT 1"); - if (!$result) + if (!$result) { $post_author = 1; - else + $author_found = false; + } else { $post_author = $result->ID; - } else + $author_found = true; + } + } else { $post_author = 1; + $author_found = false; + } } if (preg_match('/Date: /i', $line)) { // of the form '20 Mar 2002 20:32:37' @@ -108,6 +115,18 @@ } endforeach; + // Set $post_status based on $author_found and on author's publish_posts capability + if ($author_found) { + $user = new WP_User($post_author); + if ($user->has_cap('publish_posts')) + $post_status = 'publish'; + else + $post_status = 'pending'; + } else { + // Author not found in DB, set status to pending. Author already set to admin. + $post_status = 'pending'; + } + $subject = trim($subject); if ($content_type == 'multipart/alternative') { @@ -141,9 +160,6 @@ $post_category = $post_categories; - // or maybe we should leave the choice to email drafts? propose a way - $post_status = 'publish'; - $post_data = compact('post_content','post_title','post_date','post_date_gmt','post_author','post_category', 'post_status'); $post_data = add_magic_quotes($post_data);