WordPress.org

Make WordPress Core

Ticket #8592: 8592-post.php.3.diff

File 8592-post.php.3.diff, 1.0 KB (added by mtekk, 4 years ago)

uses edit_private_pages privlige instead of read_private_pages

  • post.php

     
    24582458 * @return array List of pages matching defaults or $args 
    24592459 */ 
    24602460function &get_pages($args = '') { 
    2461         global $wpdb; 
     2461        global $wpdb, $user_ID; 
    24622462 
    24632463        $defaults = array( 
    24642464                'child_of' => 0, 'sort_order' => 'ASC', 
     
    25662566        if ( $parent >= 0 ) 
    25672567                $where .= $wpdb->prepare(' AND post_parent = %d ', $parent); 
    25682568 
    2569         $query = "SELECT * FROM $wpdb->posts $join WHERE (post_type = 'page' AND post_status = 'publish') $where "; 
    2570         $query .= $author_query; 
     2569        $query = "SELECT * FROM $wpdb->posts $join WHERE (post_type = 'page'"; 
     2570        if ( is_admin() ) { 
     2571                $where .= current_user_can( "edit_private_pages" ) ? "" : " AND (post_status = 'publish' OR post_author = $user_ID AND post_status = 'private')"; 
     2572        } 
     2573        else { 
     2574                $where .= " AND (post_status = 'publish')"; 
     2575        } 
     2576        $query .= " $where )" . $author_query; 
    25712577        $query .= " ORDER BY " . $sort_column . " " . $sort_order ; 
    25722578 
    25732579        if ( !empty($number) )