Changeset 21745
- Timestamp:
- 09/04/2012 08:58:32 PM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/3.4/wp-includes/class-wp-atom-server.php
r20715 r21745 168 168 'POST' => 'create_attachment'), 169 169 '@/attachment/file/(\d+)$@' => 170 array('GET' => 'get_file', 171 'PUT' => 'put_file', 172 'DELETE' => 'delete_file'), 170 array('GET' => 'get_file'), 173 171 '@/attachment/(\d+)$@' => 174 172 array('GET' => 'get_attachment', … … 316 314 $entry = array_pop($parser->feed->entries); 317 315 316 $publish = ! ( isset( $entry->draft ) && 'yes' == trim( $entry->draft ) ); 317 $cap = ($publish) ? 'publish_posts' : 'edit_posts'; 318 319 if ( !current_user_can($cap) ) 320 $this->auth_required(__('Sorry, you do not have the right to edit/publish new posts.')); 321 318 322 $catnames = array(); 319 323 if ( !empty( $entry->categories ) ) { … … 331 335 array_push($post_category, $cat->term_id); 332 336 } 333 334 $publish = ! ( isset( $entry->draft ) && 'yes' == trim( $entry->draft ) );335 336 $cap = ($publish) ? 'publish_posts' : 'edit_posts';337 338 if ( !current_user_can($cap) )339 $this->auth_required(__('Sorry, you do not have the right to edit/publish new posts.'));340 337 341 338 $blog_ID = get_current_blog_id(); … … 399 396 global $entry; 400 397 401 if ( ! current_user_can( 'edit_post', $postID ) )398 if ( ! get_post( $postID ) || ! current_user_can( 'edit_post', $postID ) ) 402 399 $this->auth_required( __( 'Sorry, you do not have the right to access this post.' ) ); 403 400 … … 430 427 $this->set_current_entry($postID); 431 428 432 if ( !current_user_can('edit_post', $ entry['ID']) )429 if ( !current_user_can('edit_post', $postID) ) 433 430 $this->auth_required(__('Sorry, you do not have the right to edit this post.')); 434 431 435 432 $publish = ! ( isset($parsed->draft) && 'yes' == trim($parsed->draft) ); 433 434 if ( $publish && ! current_user_can( 'publish_posts' ) ) 435 $this->auth_required( __( 'Sorry, you do not have the right to publish this post.' ) ); 436 436 437 $post_status = ($publish) ? 'publish' : 'draft'; 437 438 … … 474 475 $this->set_current_entry($postID); 475 476 476 if ( !current_user_can(' edit_post', $postID) )477 if ( !current_user_can('delete_post', $postID) ) 477 478 $this->auth_required(__('Sorry, you do not have the right to delete this post.')); 478 479 … … 505 506 $this->get_attachments(); 506 507 } else { 508 if ( ! current_user_can( 'edit_post', $postID ) ) 509 $this->auth_required( __( 'Sorry, you do not have the right to edit this post.' ) ); 510 507 511 $this->set_current_entry($postID); 508 512 $output = $this->get_entry($postID, 'attachment'); … … 590 594 $this->set_current_entry($postID); 591 595 592 if ( !current_user_can('edit_post', $entry['ID']) )596 if ( !current_user_can('edit_post', $entry['ID']) || 'attachment' != $entry['post_type'] ) 593 597 $this->auth_required(__('Sorry, you do not have the right to edit this post.')); 594 598 … … 625 629 $this->set_current_entry($postID); 626 630 627 if ( !current_user_can(' edit_post', $postID) )631 if ( !current_user_can('delete_post', $postID) ) 628 632 $this->auth_required(__('Sorry, you do not have the right to delete this post.')); 629 633 … … 634 638 $this->internal_error(__('Error occurred while accessing post metadata for file location.')); 635 639 636 // delete file637 @unlink($location);638 639 640 // delete attachment 640 $result = wp_delete_ post($postID);641 $result = wp_delete_attachment($postID); 641 642 642 643 if ( !$result ) … … 971 972 $count = get_option('posts_per_rss'); 972 973 973 wp('posts_per_page=' . $count . '&offset=' . ($count * ($page-1)) . '&orderby=modified&p ost_status=any');974 wp('posts_per_page=' . $count . '&offset=' . ($count * ($page-1)) . '&orderby=modified&perm=readable'); 974 975 975 976 $post = $GLOBALS['post'];
Note: See TracChangeset
for help on using the changeset viewer.