WordPress.org

Make WordPress Core

Ticket #8592: 8592-post.php.2.diff

File 8592-post.php.2.diff, 1.2 KB (added by mtekk, 9 years ago)

This has a fix so that Authors, Contributors, and Subscribers don't cause an invalid query to be made

  • post.php

     
    21532153 * @return array List of pages matching defaults or $args
    21542154 */
    21552155function &get_pages($args = '') {
    2156         global $wpdb;
     2156        global $wpdb, $user_ID;
    21572157
    21582158        $defaults = array(
    21592159                'child_of' => 0, 'sort_order' => 'ASC',
     
    22582258        if ( $parent >= 0 )
    22592259                $where .= $wpdb->prepare(' AND post_parent = %d ', $parent);
    22602260
    2261         $query = "SELECT * FROM $wpdb->posts $join WHERE (post_type = 'page' AND post_status = 'publish') $where ";
    2262         $query .= $author_query;
     2261        $query = "SELECT * FROM $wpdb->posts $join WHERE (post_type = 'page'";
     2262        $where .= " AND (post_status = 'publish'";
     2263        if ( is_admin() )
     2264                $where .= " OR post_status = 'future' OR post_status = 'draft' OR post_status = 'pending'";
     2265        if ( is_user_logged_in() ) {
     2266                $where .= current_user_can( "read_private_pages" ) ? " OR post_status = 'private'" : " OR post_author = $user_ID AND post_status = 'private'";
     2267        }
     2268        $where .= ')';
     2269               
     2270        $query .= " $where )" . $author_query;
    22632271        $query .= " ORDER BY " . $sort_column . " " . $sort_order ;
    22642272
    22652273        $pages = $wpdb->get_results($query);