| | 1557 | /** |
| | 1558 | * This function provides a standardized way to appropriately select on |
| | 1559 | * the post_status of posts/pages. The function will return a piece of |
| | 1560 | * SQL code that can be added to a WHERE clause; this SQL is constructed |
| | 1561 | * to allow all published posts, and all private posts to which the user |
| | 1562 | * has access. |
| | 1563 | * @param string $post_type currently only supports 'post' or 'page'. |
| | 1564 | * @return string SQL code that can be added to a where clause. |
| | 1565 | */ |
| | 1566 | function wp_get_pub_priv_sql($post_type) { |
| | 1567 | global $user_ID; |
| | 1568 | $cap = ''; |
| | 1569 | if ( $post_type === 'post' ) $cap = 'read_private_posts'; |
| | 1570 | elseif ( $post_type === 'page' ) $cap = 'read_private_pages'; |
| | 1571 | else return '1 = 0'; // unknown post_type, make the query return nada |
| | 1572 | $sql = "(post_status = 'publish'"; |
| | 1573 | if ( current_user_can($cap) ) { |
| | 1574 | $sql .= " OR post_status = 'private'"; |
| | 1575 | } |
| | 1576 | elseif ( is_user_logged_in() ) { |
| | 1577 | $sql .= " OR post_status = 'private' AND post_author = $user_ID"; |
| | 1578 | } |
| | 1579 | $sql .= ')'; |
| | 1580 | return $sql; |
| | 1581 | } |
| | 1582 | |