WordPress.org

Make WordPress Core

Ticket #8592: 8592-post.php.2.diff

File 8592-post.php.2.diff, 1.2 KB (added by mtekk, 5 years ago)

This has a fix so that Authors, Contributors, and Subscribers don't cause an invalid query to be made

  • post.php

     
    21532153 * @return array List of pages matching defaults or $args 
    21542154 */ 
    21552155function &get_pages($args = '') { 
    2156         global $wpdb; 
     2156        global $wpdb, $user_ID; 
    21572157 
    21582158        $defaults = array( 
    21592159                'child_of' => 0, 'sort_order' => 'ASC', 
     
    22582258        if ( $parent >= 0 ) 
    22592259                $where .= $wpdb->prepare(' AND post_parent = %d ', $parent); 
    22602260 
    2261         $query = "SELECT * FROM $wpdb->posts $join WHERE (post_type = 'page' AND post_status = 'publish') $where "; 
    2262         $query .= $author_query; 
     2261        $query = "SELECT * FROM $wpdb->posts $join WHERE (post_type = 'page'"; 
     2262        $where .= " AND (post_status = 'publish'"; 
     2263        if ( is_admin() ) 
     2264                $where .= " OR post_status = 'future' OR post_status = 'draft' OR post_status = 'pending'"; 
     2265        if ( is_user_logged_in() ) { 
     2266                $where .= current_user_can( "read_private_pages" ) ? " OR post_status = 'private'" : " OR post_author = $user_ID AND post_status = 'private'"; 
     2267        } 
     2268        $where .= ')'; 
     2269                 
     2270        $query .= " $where )" . $author_query; 
    22632271        $query .= " ORDER BY " . $sort_column . " " . $sort_order ; 
    22642272 
    22652273        $pages = $wpdb->get_results($query);