Changeset 34156
- Timestamp:
- 09/14/2015 11:02:09 PM (9 years ago)
- Location:
- branches/3.8/src
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/3.8/src/wp-admin/includes/ajax-actions.php
r27889 r34156 1374 1374 $data['parent_id'] = $data['post_parent']; 1375 1375 1376 // status 1377 if ( isset($data['keep_private']) && 'private' == $data['keep_private'] ) 1376 // Status. 1377 if ( isset( $data['keep_private'] ) && 'private' == $data['keep_private'] ) { 1378 $data['visibility'] = 'private'; 1378 1379 $data['post_status'] = 'private'; 1379 else1380 } else { 1380 1381 $data['post_status'] = $data['_status']; 1382 } 1381 1383 1382 1384 if ( empty($data['comment_status']) ) -
branches/3.8/src/wp-includes/class-wp-xmlrpc-server.php
r27873 r34156 990 990 } 991 991 992 private function _validate_boolean( $var ) { 993 if ( is_bool( $var ) ) { 994 return $var; 995 } 996 997 if ( is_string( $var ) && 'false' === strtolower( $var ) ) { 998 return false; 999 } 1000 1001 return (bool) $var; 1002 } 1003 1004 /** 1005 * Encapsulate the logic for sticking a post 1006 * and determining if the user has permission to do so 1007 * 1008 * @since 4.3.0 1009 * @access private 1010 * 1011 * @param array $post_data 1012 * @param bool $update 1013 * @return void|IXR_Error 1014 */ 1015 private function _toggle_sticky( $post_data, $update = false ) { 1016 $post_type = get_post_type_object( $post_data['post_type'] ); 1017 1018 // Private and password-protected posts cannot be stickied. 1019 if ( 'private' === $post_data['post_status'] || ! empty( $post_data['post_password'] ) ) { 1020 // Error if the client tried to stick the post, otherwise, silently unstick. 1021 if ( ! empty( $post_data['sticky'] ) ) { 1022 return new IXR_Error( 401, __( 'Sorry, you cannot stick a private post.' ) ); 1023 } 1024 1025 if ( $update ) { 1026 unstick_post( $post_data['ID'] ); 1027 } 1028 } elseif ( isset( $post_data['sticky'] ) ) { 1029 if ( ! current_user_can( $post_type->cap->edit_others_posts ) ) { 1030 return new IXR_Error( 401, __( 'Sorry, you are not allowed to stick this post.' ) ); 1031 } 1032 1033 $sticky = $this->_validate_boolean( $post_data['sticky'] ); 1034 if ( $sticky ) { 1035 stick_post( $post_data['ID'] ); 1036 } else { 1037 unstick_post( $post_data['ID'] ); 1038 } 1039 } 1040 } 1041 992 1042 /** 993 1043 * Helper method for wp_newPost and wp_editPost, containing shared logic. … … 1082 1132 1083 1133 if ( $post_data['post_type'] == 'post' ) { 1084 // Private and password-protected posts cannot be stickied. 1085 if ( $post_data['post_status'] == 'private' || ! empty( $post_data['post_password'] ) ) { 1086 // Error if the client tried to stick the post, otherwise, silently unstick. 1087 if ( ! empty( $post_data['sticky'] ) ) 1088 return new IXR_Error( 401, __( 'Sorry, you cannot stick a private post.' ) ); 1089 if ( $update ) 1090 unstick_post( $post_ID ); 1091 } elseif ( isset( $post_data['sticky'] ) ) { 1092 if ( ! current_user_can( $post_type->cap->edit_others_posts ) ) 1093 return new IXR_Error( 401, __( 'Sorry, you are not allowed to stick this post.' ) ); 1094 if ( $post_data['sticky'] ) 1095 stick_post( $post_ID ); 1096 else 1097 unstick_post( $post_ID ); 1134 $error = $this->_toggle_sticky( $post_data, $update ); 1135 if ( $error ) { 1136 return $error; 1098 1137 } 1099 1138 } … … 4272 4311 // Only posts can be sticky 4273 4312 if ( $post_type == 'post' && isset( $content_struct['sticky'] ) ) { 4274 if ( $content_struct['sticky'] == true ) 4275 stick_post( $post_ID ); 4276 elseif ( $content_struct['sticky'] == false ) 4277 unstick_post( $post_ID ); 4313 $data = $postdata; 4314 $data['sticky'] = $content_struct['sticky']; 4315 $error = $this->_toggle_sticky( $data ); 4316 if ( $error ) { 4317 return $error; 4318 } 4278 4319 } 4279 4320 … … 4539 4580 $tags_input = isset( $content_struct['mt_keywords'] ) ? $content_struct['mt_keywords'] : null; 4540 4581 4541 if ( ('publish' == $post_status) ) { 4542 if ( ( 'page' == $post_type ) && !current_user_can('publish_pages') ) 4543 return new IXR_Error(401, __('Sorry, you do not have the right to publish this page.')); 4544 else if ( !current_user_can('publish_posts') ) 4545 return new IXR_Error(401, __('Sorry, you do not have the right to publish this post.')); 4582 if ( 'publish' == $post_status || 'private' == $post_status ) { 4583 if ( 'page' == $post_type && ! current_user_can( 'publish_pages' ) ) { 4584 return new IXR_Error( 401, __( 'Sorry, you do not have the right to publish this page.' ) ); 4585 } elseif ( ! current_user_can( 'publish_posts' ) ) { 4586 return new IXR_Error( 401, __( 'Sorry, you do not have the right to publish this post.' ) ); 4587 } 4546 4588 } 4547 4589 … … 4583 4625 // Only posts can be sticky 4584 4626 if ( $post_type == 'post' && isset( $content_struct['sticky'] ) ) { 4585 if ( $content_struct['sticky'] == true ) 4586 stick_post( $post_ID ); 4587 elseif ( $content_struct['sticky'] == false ) 4588 unstick_post( $post_ID ); 4627 $data = $newpost; 4628 $data['sticky'] = $content_struct['sticky']; 4629 $data['post_type'] = 'post'; 4630 $error = $this->_toggle_sticky( $data, true ); 4631 if ( $error ) { 4632 return $error; 4633 } 4589 4634 } 4590 4635
Note: See TracChangeset
for help on using the changeset viewer.