Make WordPress Core


Ignore:
Timestamp:
09/22/2009 10:57:01 PM (15 years ago)
Author:
ryan
Message:

Set the cap appropriate to the post type. fixes #10807 see #10605

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/query.php

    r11930 r11960  
    20712071        }
    20722072
     2073        $post_type_cap = $post_type;
     2074
    20732075        if ( 'any' == $post_type ) {
    20742076            $where .= " AND $wpdb->posts.post_type != 'revision'";
     
    20772079        } elseif ( $this->is_attachment ) {
    20782080            $where .= " AND $wpdb->posts.post_type = 'attachment'";
     2081            $post_type_cap = 'post';
    20792082        } elseif ($this->is_page) {
    20802083            $where .= " AND $wpdb->posts.post_type = 'page'";
     2084            $post_type_cap = 'page';
    20812085        } else {
    20822086            $where .= " AND $wpdb->posts.post_type = 'post'";
    2083             $post_type = 'post';
     2087            $post_type_cap = 'post';
    20842088        }
    20852089
     
    21102114
    21112115            if ( !empty($r_status) ) {
    2112                 if ( !empty($q['perm'] ) && 'editable' == $q['perm'] && !current_user_can("edit_others_{$post_type}s") )
     2116                if ( !empty($q['perm'] ) && 'editable' == $q['perm'] && !current_user_can("edit_others_{$post_type_cap}s") )
    21132117                    $statuswheres[] = "($wpdb->posts.post_author = $user_ID " .  "AND (" . join( ' OR ', $r_status ) . "))";
    21142118                else
     
    21162120            }
    21172121            if ( !empty($p_status) ) {
    2118                 if ( !empty($q['perm'] ) && 'readable' == $q['perm'] && !current_user_can("read_private_{$post_type}s") )
     2122                if ( !empty($q['perm'] ) && 'readable' == $q['perm'] && !current_user_can("read_private_{$post_type_cap}s") )
    21192123                    $statuswheres[] = "($wpdb->posts.post_author = $user_ID " .  "AND (" . join( ' OR ', $p_status ) . "))";
    21202124                else
     
    21352139
    21362140            if ( is_user_logged_in() ) {
    2137                 $where .= current_user_can( "read_private_{$post_type}s" ) ? " OR $wpdb->posts.post_status = 'private'" : " OR $wpdb->posts.post_author = $user_ID AND $wpdb->posts.post_status = 'private'";
     2141                $where .= current_user_can( "read_private_{$post_type_cap}s" ) ? " OR $wpdb->posts.post_status = 'private'" : " OR $wpdb->posts.post_author = $user_ID AND $wpdb->posts.post_status = 'private'";
    21382142            }
    21392143
     
    22932297                    if  (in_array($status, array('draft', 'pending')) ) {
    22942298                        // User must have edit permissions on the draft to preview.
    2295                         if (! current_user_can('edit_post', $this->posts[0]->ID)) {
     2299                        if (! current_user_can("edit_$post_type_cap", $this->posts[0]->ID)) {
    22962300                            $this->posts = array();
    22972301                        } else {
     
    23012305                    }  else if ('future' == $status) {
    23022306                        $this->is_preview = true;
    2303                         if (!current_user_can('edit_post', $this->posts[0]->ID)) {
     2307                        if (!current_user_can("edit_$post_type_cap", $this->posts[0]->ID)) {
    23042308                            $this->posts = array ( );
    23052309                        }
    23062310                    } else {
    2307                         if (! current_user_can('read_post', $this->posts[0]->ID))
     2311                        if (! current_user_can("read_$post_type_cap", $this->posts[0]->ID))
    23082312                            $this->posts = array();
    23092313                    }
     
    23112315            }
    23122316
    2313             if ( $this->is_preview && current_user_can( "edit_{$post_type}", $this->posts[0]->ID ) )
     2317            if ( $this->is_preview && current_user_can( "edit_{$post_type_cap}", $this->posts[0]->ID ) )
    23142318                $this->posts[0] = apply_filters('the_preview', $this->posts[0]);
    23152319        }
Note: See TracChangeset for help on using the changeset viewer.