Changeset 13172 for trunk/wp-includes/query.php
- Timestamp:
- 02/16/2010 09:13:44 PM (16 years ago)
- File:
-
- 1 edited
-
trunk/wp-includes/query.php (modified) (6 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/query.php
r13118 r13172 2062 2062 } 2063 2063 2064 if ( is_array($post_type) ) 2064 if ( is_array($post_type) ) { 2065 2065 $post_type_cap = 'multiple_post_type'; 2066 else {2066 } else { 2067 2067 $post_type_object = get_post_type_object ( $post_type ); 2068 2068 if ( !empty($post_type_object) ) … … 2082 2082 } elseif ( ! empty( $post_type ) ) { 2083 2083 $where .= " AND $wpdb->posts.post_type = '$post_type'"; 2084 $post_type_object = get_post_type_object ( $post_type ); 2084 2085 } elseif ( $this->is_attachment ) { 2085 2086 $where .= " AND $wpdb->posts.post_type = 'attachment'"; 2086 $post_type_ cap = 'post';2087 $post_type_object = get_post_type_object ( 'attachment' ); 2087 2088 } elseif ($this->is_page) { 2088 2089 $where .= " AND $wpdb->posts.post_type = 'page'"; 2089 $post_type_ cap = 'page';2090 $post_type_object = get_post_type_object ( 'page' ); 2090 2091 } else { 2091 2092 $where .= " AND $wpdb->posts.post_type = 'post'"; 2092 $post_type_cap = 'post'; 2093 $post_type_object = get_post_type_object ( 'post' ); 2094 } 2095 2096 if ( !empty($post_type_object) ) { 2097 $post_type_cap = $post_type_object->capability_type; 2098 $edit_cap = $post_type_object->edit_cap; 2099 $read_cap = $post_type_object->read_cap; 2100 $edit_others_cap = $post_type_object->edit_others_cap; 2101 $read_private_cap = $post_type_object->read_private_cap; 2102 } else { 2103 $edit_cap = 'edit_' . $post_type_cap; 2104 $read_cap = 'read_' . $post_type_cap; 2105 $edit_others_cap = 'edit_others_' . $post_type_cap . 's'; 2106 $read_private_cap = 'read_private_' . $post_type_cap . 's'; 2093 2107 } 2094 2108 … … 2122 2136 } 2123 2137 if ( !empty($r_status) ) { 2124 if ( !empty($q['perm'] ) && 'editable' == $q['perm'] && !current_user_can( "edit_others_{$post_type_cap}s") )2138 if ( !empty($q['perm'] ) && 'editable' == $q['perm'] && !current_user_can($edit_others_cap) ) 2125 2139 $statuswheres[] = "($wpdb->posts.post_author = $user_ID " . "AND (" . join( ' OR ', $r_status ) . "))"; 2126 2140 else … … 2128 2142 } 2129 2143 if ( !empty($p_status) ) { 2130 if ( !empty($q['perm'] ) && 'readable' == $q['perm'] && !current_user_can( "read_private_{$post_type_cap}s") )2144 if ( !empty($q['perm'] ) && 'readable' == $q['perm'] && !current_user_can($read_private_cap) ) 2131 2145 $statuswheres[] = "($wpdb->posts.post_author = $user_ID " . "AND (" . join( ' OR ', $p_status ) . "))"; 2132 2146 else … … 2143 2157 $where .= " AND ($wpdb->posts.post_status = 'publish'"; 2144 2158 2145 if ( is_admin() ) 2146 $where .= " OR $wpdb->posts.post_status = 'future' OR $wpdb->posts.post_status = 'draft' OR $wpdb->posts.post_status = 'pending'"; 2159 // Add public states. 2160 $public_states = get_post_stati( array('public' => true) ); 2161 foreach ( (array) $public_states as $state ) { 2162 if ( 'publish' == $state ) // Publish is hard-coded above. 2163 continue; 2164 $where .= " OR $wpdb->posts.post_status = '$state'"; 2165 } 2166 2167 if ( is_admin() ) { 2168 // Add protected states that should show in the admin all list. 2169 $admin_all_states = get_post_stati( array('protected' => true, 'show_in_admin_all_list' => true), 'names', 'and' ); 2170 foreach ( (array) $admin_all_states as $state ) 2171 $where .= " OR $wpdb->posts.post_status = '$state'"; 2172 } 2147 2173 2148 2174 if ( is_user_logged_in() ) { 2149 $where .= current_user_can( "read_private_{$post_type_cap}s" ) ? " OR $wpdb->posts.post_status = 'private'" : " OR $wpdb->posts.post_author = $user_ID AND $wpdb->posts.post_status = 'private'"; 2175 // Add private states that are limited to viewing by the author of a post or someone who has caps to read private states. 2176 $private_states = get_post_stati( array('private' => true) ); 2177 foreach ( (array) $private_states as $state ) 2178 $where .= current_user_can( $read_private_cap ) ? " OR $wpdb->posts.post_status = '$state'" : " OR $wpdb->posts.post_author = $user_ID AND $wpdb->posts.post_status = '$state'"; 2150 2179 } 2151 2180 … … 2297 2326 if ( !empty($this->posts) && ($this->is_single || $this->is_page) ) { 2298 2327 $status = get_post_status($this->posts[0]); 2328 $post_status_obj = get_post_status_object($status); 2299 2329 //$type = get_post_type($this->posts[0]); 2300 if ( ('publish' != $status)) {2330 if ( !$post_status_obj->public ) { 2301 2331 if ( ! is_user_logged_in() ) { 2302 2332 // User must be logged in to view unpublished posts. 2303 2333 $this->posts = array(); 2304 2334 } else { 2305 if ( in_array($status, array('draft', 'pending', 'trash'))) {2335 if ( $post_status_obj->protected ) { 2306 2336 // User must have edit permissions on the draft to preview. 2307 if (! current_user_can( "edit_$post_type_cap", $this->posts[0]->ID)) {2337 if (! current_user_can($edit_cap, $this->posts[0]->ID)) { 2308 2338 $this->posts = array(); 2309 2339 } else { 2310 2340 $this->is_preview = true; 2311 $this->posts[0]->post_date = current_time('mysql'); 2341 if ('future' != $status) 2342 $this->posts[0]->post_date = current_time('mysql'); 2312 2343 } 2313 } else if ('future' == $status) { 2314 $this->is_preview = true; 2315 if (!current_user_can("edit_$post_type_cap", $this->posts[0]->ID)) { 2316 $this->posts = array ( ); 2317 } 2344 } elseif ( $post_status_obj->private ) { 2345 if ( ! current_user_can($read_cap, $this->posts[0]->ID) ) 2346 $this->posts = array(); 2318 2347 } else { 2319 if (! current_user_can("read_$post_type_cap", $this->posts[0]->ID)) 2320 $this->posts = array(); 2348 $this->posts = array(); 2321 2349 } 2322 2350 } 2323 2351 } 2324 2352 2325 if ( $this->is_preview && current_user_can( "edit_{$post_type_cap}", $this->posts[0]->ID ) )2353 if ( $this->is_preview && current_user_can( $edit_cap, $this->posts[0]->ID ) ) 2326 2354 $this->posts[0] = apply_filters('the_preview', $this->posts[0]); 2327 2355 }
Note: See TracChangeset
for help on using the changeset viewer.