WordPress.org
Get WordPress

Make WordPress Core

Ticket #8592: 8592-post.php.4.diff

File 8592-post.php.4.diff, 837 bytes (added by kawauso, 12 years ago)

Refresh against 3.1-RC2-17315 and don't escape a static string

  • wp-includes/post.php

     
    34053405        if ( $parent >= 0 )
    34063406                $where .= $wpdb->prepare(' AND post_parent = %d ', $parent);
    34073407
    3408         $where_post_type = $wpdb->prepare( "post_type = '%s' AND post_status = '%s'", $post_type, $post_status );
     3408        if ( current_user_can('read_private_pages') && 'page' == $post_type )
     3409                $where_post_type = $wpdb->prepare( "post_type = '%s' AND (post_status = '%s' OR post_status = 'private')", $post_type, $post_status );
     3410        else
     3411                $where_post_type = $wpdb->prepare( "post_type = '%s' AND post_status = '%s'", $post_type, $post_status );
    34093412
    34103413        $query = "SELECT * FROM $wpdb->posts $join WHERE ($where_post_type) $where ";
    34113414        $query .= $author_query;