WordPress.org

Make WordPress Core

Ticket #20473: cap_fixes2.patch

File cap_fixes2.patch, 2.2 KB (added by nprasath002, 2 years ago)
  • class-wp-xmlrpc-server.php

    # This patch file was generated by NetBeans IDE
    # Following Index: paths are relative to: C:\xampp\htdocs\wordtrunk\wp-includes
    # This patch can be applied using context Tools: Patch action on respective folder.
    # It uses platform neutral UTF-8 encoding and \n newlines.
    # Above lines and this line are ignored by the patching process.
     
    38553855                if ( ! $postdata || empty( $postdata[ 'ID' ] ) ) 
    38563856                        return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 
    38573857 
    3858                 if ( ! current_user_can( 'edit_post', $post_ID ) ) 
    3859                         return new IXR_Error( 401, __( 'Sorry, you do not have the right to edit this post.' ) ); 
    3860  
    38613858                // Use wp.editPost to edit post types other than post and page. 
    38623859                if ( ! in_array( $postdata[ 'post_type' ], array( 'post', 'page' ) ) ) 
    38633860                        return new IXR_Error( 401, __( 'Invalid post type.' ) ); 
    38643861 
     3862                if ( ! current_user_can( "edit_{$postdata[ 'post_type' ]}", $post_ID ) ) 
     3863                        return new IXR_Error( 401, __( "Sorry, you do not have the right to edit this post." ) ); 
     3864 
    38653865                // Thwart attempt to change the post type. 
    38663866                if ( ! empty( $content_struct[ 'post_type' ] ) && ( $content_struct['post_type'] != $postdata[ 'post_type' ] ) ) 
    38673867                        return new IXR_Error( 401, __( 'The post type may not be changed.' ) ); 
     
    40144014 
    40154015                $tags_input = isset( $content_struct['mt_keywords'] ) ? $content_struct['mt_keywords'] : null; 
    40164016 
    4017                 if ( ('publish' == $post_status) ) { 
    4018                         if ( ( 'page' == $post_type ) && !current_user_can('publish_pages') ) 
    4019                                 return new IXR_Error(401, __('Sorry, you do not have the right to publish this page.')); 
    4020                         else if ( !current_user_can('publish_posts') ) 
    4021                                 return new IXR_Error(401, __('Sorry, you do not have the right to publish this post.')); 
     4017                if ( ('publish' == $post_status) || ('private' == $post_status) ) { 
     4018                        if ( ! current_user_can( "publish_{$post_type}", $post_ID ) ) 
     4019                                return new IXR_Error( 401, __( "Sorry, you do not have the right to publish this post." ) ); 
     4020 
    40224021                } 
    40234022 
    40244023                if ( $post_more )