Changeset 31983 for trunk/src/wp-includes/class-wp-xmlrpc-server.php
- Timestamp:
- 04/02/2015 03:48:41 PM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/class-wp-xmlrpc-server.php
r31279 r31983 4757 4757 4758 4758 // Only set the post_author if one is set. 4759 if ( isset($content_struct['wp_author_id']) && ($user->ID != $content_struct['wp_author_id']) ) { 4760 switch ( $post_type ) { 4761 case 'post': 4762 if ( !current_user_can('edit_others_posts') ) 4763 return new IXR_Error( 401, __( 'You are not allowed to change the post author as this user.' ) ); 4764 break; 4765 case 'page': 4766 if ( !current_user_can('edit_others_pages') ) 4767 return new IXR_Error( 401, __( 'You are not allowed to change the page author as this user.' ) ); 4768 break; 4769 default: 4770 return new IXR_Error( 401, __( 'Invalid post type' ) ); 4759 if ( isset( $content_struct['wp_author_id'] ) ) { 4760 // Check permissions if attempting to switch author to or from another user. 4761 if ( $user->ID != $content_struct['wp_author_id'] || $user->ID != $post_author ) { 4762 switch ( $post_type ) { 4763 case 'post': 4764 if ( ! current_user_can( 'edit_others_posts' ) ) { 4765 return new IXR_Error( 401, __( 'You are not allowed to change the post author as this user.' ) ); 4766 } 4767 break; 4768 case 'page': 4769 if ( ! current_user_can( 'edit_others_pages' ) ) { 4770 return new IXR_Error( 401, __( 'You are not allowed to change the page author as this user.' ) ); 4771 } 4772 break; 4773 default: 4774 return new IXR_Error( 401, __( 'Invalid post type' ) ); 4775 break; 4776 } 4777 $post_author = $content_struct['wp_author_id']; 4771 4778 } 4772 $post_author = $content_struct['wp_author_id'];4773 4779 } 4774 4780
Note: See TracChangeset
for help on using the changeset viewer.