| 1557 | /** |
| 1558 | * This function provides a standardized way to appropriately select on |
| 1559 | * the post_status of posts/pages. The function will return a piece of |
| 1560 | * SQL code that can be added to a WHERE clause; this SQL is constructed |
| 1561 | * to allow all published posts, and all private posts to which the user |
| 1562 | * has access. |
| 1563 | * @param string $post_type currently only supports 'post' or 'page'. |
| 1564 | * @return string SQL code that can be added to a where clause. |
| 1565 | */ |
| 1566 | function wp_get_pub_priv_sql($post_type) { |
| 1567 | global $user_ID; |
| 1568 | $cap = ''; |
| 1569 | if ( $post_type === 'post' ) $cap = 'read_private_posts'; |
| 1570 | elseif ( $post_type === 'page' ) $cap = 'read_private_pages'; |
| 1571 | else return '1 = 0'; // unknown post_type, make the query return nada |
| 1572 | $sql = "(post_status = 'publish'"; |
| 1573 | if ( current_user_can($cap) ) { |
| 1574 | $sql .= " OR post_status = 'private'"; |
| 1575 | } |
| 1576 | elseif ( is_user_logged_in() ) { |
| 1577 | $sql .= " OR post_status = 'private' AND post_author = $user_ID"; |
| 1578 | } |
| 1579 | $sql .= ')'; |
| 1580 | return $sql; |
| 1581 | } |
| 1582 | |