WordPress.org

Make WordPress Core

Changeset 15032


Ignore:
Timestamp:
05/28/2010 03:49:13 PM (9 years ago)
Author:
markjaquith
Message:

Do proper caps check when processing bulk edited posts, and hide the checkbox on the Page edit page for users who lack permissions. props ocean90

Location:
trunk/wp-admin/includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/post.php

    r14924 r15032  
    300300    $updated = $skipped = $locked = array();
    301301    foreach ( $post_IDs as $post_ID ) {
    302 
    303         if ( isset($children) && in_array($post_ID, $children) ) {
     302        $post_type_object = get_post_type_object( get_post_type( $post_ID ) );
     303
     304        if ( !isset( $post_type_object ) || ( isset($children) && in_array($post_ID, $children) ) || !current_user_can( $post_type_object->cap->edit_post, $post_ID ) ) {
    304305            $skipped[] = $post_ID;
    305306            continue;
  • trunk/wp-admin/includes/template.php

    r15028 r15032  
    15301530    case 'cb':
    15311531        ?>
    1532         <th scope="row" class="check-column"><input type="checkbox" name="post[]" value="<?php the_ID(); ?>" /></th>
     1532        <th scope="row" class="check-column"><?php if ( current_user_can( $post_type_object->cap->edit_post, $page->ID ) ) { ?><input type="checkbox" name="post[]" value="<?php the_ID(); ?>" /><?php } ?></th>
    15331533        <?php
    15341534        break;
Note: See TracChangeset for help on using the changeset viewer.