Changeset 25430 for trunk/src/wp-admin/includes/ajax-actions.php
- Timestamp:
- 09/13/2013 09:21:16 PM (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/includes/ajax-actions.php
r25279 r25430 1048 1048 check_ajax_referer( 'autosave', 'autosavenonce' ); 1049 1049 1050 $_POST['post_category'] = explode(",", $_POST['catslist']); 1051 if ( $_POST['post_type'] == 'page' || empty($_POST['post_category']) ) 1052 unset($_POST['post_category']); 1050 if ( ! empty( $_POST['catslist'] ) ) 1051 $_POST['post_category'] = explode( ',', $_POST['catslist'] ); 1052 if ( $_POST['post_type'] == 'page' || empty( $_POST['post_category'] ) ) 1053 unset( $_POST['post_category'] ); 1053 1054 1054 1055 $data = ''; … … 1058 1059 $post_id = (int) $_POST['post_id']; 1059 1060 $_POST['ID'] = $_POST['post_ID'] = $post_id; 1060 $post = get_post($post_id); 1061 $post = get_post( $post_id ); 1062 if ( empty( $post->ID ) || ! current_user_can( 'edit_post', $post->ID ) ) 1063 wp_die( __( 'You are not allowed to edit this post.' ) ); 1064 1065 if ( 'page' == $post->post_type && ! current_user_can( 'edit_page', $post->ID ) ) 1066 wp_die( __( 'You are not allowed to edit this page.' ) ); 1067 1061 1068 if ( 'auto-draft' == $post->post_status ) 1062 1069 $_POST['post_status'] = 'draft'; 1063 1064 if ( 'page' == $post->post_type ) {1065 if ( !current_user_can('edit_page', $post->ID) )1066 wp_die( __( 'You are not allowed to edit this page.' ) );1067 } else {1068 if ( !current_user_can('edit_post', $post->ID) )1069 wp_die( __( 'You are not allowed to edit this post.' ) );1070 }1071 1070 1072 1071 if ( ! empty( $_POST['autosave'] ) ) {
Note: See TracChangeset
for help on using the changeset viewer.