Ticket #5270 (closed defect (bug): fixed)
Private posts and tagging
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Priority: | normal | Milestone: | 2.8 |
| Component: | Security | Version: | |
| Severity: | normal | Keywords: | taxonomy tags privacy |
| Cc: |
Description
Not sure if this is a defect or intended behavior:
- I create a post that is marked private, and added some tags.
2.a) When I press "Save", the tags will be ignored for calculating the new values in the datebase's wp_term_taxonomy.count field. 2.b) When I press "Publish", the tags will be counted...
Regardless whether I finish writing my post with 2.a) or 2.b), the visibility of the post to other users is the same. IMHO 2.a) and 2.b) should behave in the same way in this case. I guess this was the case with all previous releases of WP when there was no tagging.
In case it is intended to increase tag counts for private posts, the tag cloud should take the current user into account. Therefore the tag cloud should look differently from user to user if the users have a lot of tagged private posts.
If user information is not taken into account for the tag cloud and a blog contains of a lot of private posts (think of a diary), either the tag cloud may expose private content or the user should be aware of not to tag his private posts.
Change History
- Keywords taxonomy tags privacy added
- Owner changed from anonymous to pishmishy
- Status changed from new to assigned
I'm not sure that we're going to resolve this issue completely. I see three ways forward
- Have all private posts hidden from the tag cloud regardless of user.
- Have the cloud dynamically generated.
- Accept and document the current behavior.
I don't think that 2. is a good choice. It'd use an expensive database query that could become an issue on large and/or popular installations. 1. sounds like a good idea but I suspect that implementation may become more complex than it appears to be.
Without any further feedback I'm going to suggest that documenting the behavior in the codex would be the best way forward.
- Milestone changed from 2.5 to 2.6
Bumping milestone for feature freeze.
Another idea is, to move the 'term_taxonomy.count' field into another table and keep it per user. So the new term_taxonomy table would look like
term_taxonomy_id term_id taxonomy description parent
while the new table taxonomy_users looks like
term_taxonomy_id user_id count
If u is the amount of registered users in your blog and t is the amount of taxonomies, it would mean that the table taxonomy_users contains u*t amount of records. Depending on the size of the blog, the table may become quite big. This is nothing to worry to much, cause MySql can work with that pretty well - if the necessary keys and indexes are provided.
- Owner changed from pishmishy to anonymous
- Status changed from assigned to new
- Status changed from new to closed
- Resolution set to fixed
- Milestone changed from 2.9 to 2.8
_update_post_term_count() specifically looks for post_status = publish and post_type = post. it won't count private posts.
Thinking it over, I now think I am wrong, that "Save" and "Publish" should behave equal. They work as intended. "Saving" a post is creating a draft and therefore no counts on the taxonomy terms need to be increased.
Nevertheless I still think, that the database column wp_term_taxonomy.count should be different for each user, because of their private posts that are not accessible to other users. Because the count needs to be calculated dynamically for each user, the database column seems obsolete.