WordPress.org

Make WordPress Core

Ticket #8592: 8592-post.php.4.diff

File 8592-post.php.4.diff, 837 bytes (added by kawauso, 3 years ago)

Refresh against 3.1-RC2-17315 and don't escape a static string

  • wp-includes/post.php

     
    34053405        if ( $parent >= 0 ) 
    34063406                $where .= $wpdb->prepare(' AND post_parent = %d ', $parent); 
    34073407 
    3408         $where_post_type = $wpdb->prepare( "post_type = '%s' AND post_status = '%s'", $post_type, $post_status ); 
     3408        if ( current_user_can('read_private_pages') && 'page' == $post_type ) 
     3409                $where_post_type = $wpdb->prepare( "post_type = '%s' AND (post_status = '%s' OR post_status = 'private')", $post_type, $post_status ); 
     3410        else 
     3411                $where_post_type = $wpdb->prepare( "post_type = '%s' AND post_status = '%s'", $post_type, $post_status ); 
    34093412 
    34103413        $query = "SELECT * FROM $wpdb->posts $join WHERE ($where_post_type) $where "; 
    34113414        $query .= $author_query;