Changes in branches/3.0/xmlrpc.php [16804:15426]
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/3.0/xmlrpc.php
r16804 r15426 1157 1157 do_action('xmlrpc_call', 'wp.deleteComment'); 1158 1158 1159 if ( ! $comment = get_comment( $comment_ID) )1159 if ( ! get_comment($comment_ID) ) 1160 1160 return new IXR_Error( 404, __( 'Invalid comment ID.' ) ); 1161 1162 if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )1163 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );1164 1161 1165 1162 return wp_delete_comment($comment_ID); … … 1189 1186 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 1190 1187 1191 if ( !$comment = get_comment( $comment_ID ) ) 1188 do_action('xmlrpc_call', 'wp.editComment'); 1189 1190 if ( ! get_comment($comment_ID) ) 1192 1191 return new IXR_Error( 404, __( 'Invalid comment ID.' ) ); 1193 1194 if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )1195 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );1196 1197 do_action('xmlrpc_call', 'wp.editComment');1198 1192 1199 1193 if ( isset($content_struct['status']) ) { … … 1424 1418 return $this->error; 1425 1419 1426 if ( !current_user_can( 'edit_p ages' ) )1420 if ( !current_user_can( 'edit_posts' ) ) 1427 1421 return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) ); 1428 1422 … … 1964 1958 return new IXR_Error(404, __('Sorry, no such post.')); 1965 1959 1966 if ( !current_user_can(' delete_post', $post_ID) )1960 if ( !current_user_can('edit_post', $post_ID) ) 1967 1961 return new IXR_Error(401, __('Sorry, you do not have the right to delete this post.')); 1968 1962 … … 1994 1988 $password = $args[2]; 1995 1989 $content_struct = $args[3]; 1996 $publish = isset( $args[4] ) ? $args[4] : 0;1990 $publish = $args[4]; 1997 1991 1998 1992 if ( !$user = $this->login($username, $password) ) … … 2001 1995 do_action('xmlrpc_call', 'metaWeblog.newPost'); 2002 1996 1997 $cap = ( $publish ) ? 'publish_posts' : 'edit_posts'; 1998 $error_message = __( 'Sorry, you are not allowed to publish posts on this site.' ); 1999 $post_type = 'post'; 2003 2000 $page_template = ''; 2004 2001 if ( !empty( $content_struct['post_type'] ) ) { 2005 2002 if ( $content_struct['post_type'] == 'page' ) { 2006 if ( $publish || 'publish' == $content_struct['page_status']) 2007 $cap = 'publish_pages'; 2008 else 2009 $cap = 'edit_pages'; 2003 $cap = ( $publish ) ? 'publish_pages' : 'edit_pages'; 2010 2004 $error_message = __( 'Sorry, you are not allowed to publish pages on this site.' ); 2011 2005 $post_type = 'page'; … … 2013 2007 $page_template = $content_struct['wp_page_template']; 2014 2008 } elseif ( $content_struct['post_type'] == 'post' ) { 2015 if ( $publish || 'publish' == $content_struct['post_status']) 2016 $cap = 'publish_posts'; 2017 else 2018 $cap = 'edit_posts'; 2019 $error_message = __( 'Sorry, you are not allowed to publish posts on this site.' ); 2020 $post_type = 'post'; 2009 // This is the default, no changes needed 2021 2010 } else { 2022 2011 // No other post_type values are allowed here 2023 2012 return new IXR_Error( 401, __( 'Invalid post type.' ) ); 2024 2013 } 2025 } else {2026 if ( $publish || 'publish' == $content_struct['post_status'])2027 $cap = 'publish_posts';2028 else2029 $cap = 'edit_posts';2030 $error_message = __( 'Sorry, you are not allowed to publish posts on this site.' );2031 $post_type = 'post';2032 2014 } 2033 2015 … … 2294 2276 if ( !empty( $content_struct['post_type'] ) ) { 2295 2277 if ( $content_struct['post_type'] == 'page' ) { 2296 if ( $publish || 'publish' == $content_struct['page_status'] ) 2297 $cap = 'publish_pages'; 2298 else 2299 $cap = 'edit_pages'; 2278 $cap = ( $publish ) ? 'publish_pages' : 'edit_pages'; 2300 2279 $error_message = __( 'Sorry, you are not allowed to publish pages on this site.' ); 2301 2280 $post_type = 'page'; … … 2303 2282 $page_template = $content_struct['wp_page_template']; 2304 2283 } elseif ( $content_struct['post_type'] == 'post' ) { 2305 if ( $publish || 'publish' == $content_struct['post_status'] ) 2306 $cap = 'publish_posts'; 2307 else 2308 $cap = 'edit_posts'; 2309 $error_message = __( 'Sorry, you are not allowed to publish posts on this site.' ); 2310 $post_type = 'post'; 2284 // This is the default, no changes needed 2311 2285 } else { 2312 2286 // No other post_type values are allowed here 2313 2287 return new IXR_Error( 401, __( 'Invalid post type.' ) ); 2314 2288 } 2315 } else {2316 if ( $publish || 'publish' == $content_struct['post_status'] )2317 $cap = 'publish_posts';2318 else2319 $cap = 'edit_posts';2320 $error_message = __( 'Sorry, you are not allowed to publish posts on this site.' );2321 $post_type = 'post';2322 2289 } 2323 2290 … … 3135 3102 do_action('xmlrpc_call', 'mt.publishPost'); 3136 3103 3137 if ( !current_user_can(' publish_posts') || !current_user_can('edit_post', $post_ID) )3104 if ( !current_user_can('edit_post', $post_ID) ) 3138 3105 return new IXR_Error(401, __('Sorry, you cannot edit this post.')); 3139 3106
Note: See TracChangeset
for help on using the changeset viewer.