Changeset 34157
- Timestamp:
- 09/14/2015 11:02:50 PM (9 years ago)
- Location:
- branches/3.7/src
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/3.7/src/wp-admin/includes/ajax-actions.php
r25868 r34157 1378 1378 $data['parent_id'] = $data['post_parent']; 1379 1379 1380 // status 1381 if ( isset($data['keep_private']) && 'private' == $data['keep_private'] ) 1380 // Status. 1381 if ( isset( $data['keep_private'] ) && 'private' == $data['keep_private'] ) { 1382 $data['visibility'] = 'private'; 1382 1383 $data['post_status'] = 'private'; 1383 else1384 } else { 1384 1385 $data['post_status'] = $data['_status']; 1386 } 1385 1387 1386 1388 if ( empty($data['comment_status']) ) -
branches/3.7/src/wp-includes/class-wp-xmlrpc-server.php
r27878 r34157 991 991 } 992 992 993 private function _validate_boolean( $var ) { 994 if ( is_bool( $var ) ) { 995 return $var; 996 } 997 998 if ( is_string( $var ) && 'false' === strtolower( $var ) ) { 999 return false; 1000 } 1001 1002 return (bool) $var; 1003 } 1004 1005 /** 1006 * Encapsulate the logic for sticking a post 1007 * and determining if the user has permission to do so 1008 * 1009 * @since 4.3.0 1010 * @access private 1011 * 1012 * @param array $post_data 1013 * @param bool $update 1014 * @return void|IXR_Error 1015 */ 1016 private function _toggle_sticky( $post_data, $update = false ) { 1017 $post_type = get_post_type_object( $post_data['post_type'] ); 1018 1019 // Private and password-protected posts cannot be stickied. 1020 if ( 'private' === $post_data['post_status'] || ! empty( $post_data['post_password'] ) ) { 1021 // Error if the client tried to stick the post, otherwise, silently unstick. 1022 if ( ! empty( $post_data['sticky'] ) ) { 1023 return new IXR_Error( 401, __( 'Sorry, you cannot stick a private post.' ) ); 1024 } 1025 1026 if ( $update ) { 1027 unstick_post( $post_data['ID'] ); 1028 } 1029 } elseif ( isset( $post_data['sticky'] ) ) { 1030 if ( ! current_user_can( $post_type->cap->edit_others_posts ) ) { 1031 return new IXR_Error( 401, __( 'Sorry, you are not allowed to stick this post.' ) ); 1032 } 1033 1034 $sticky = $this->_validate_boolean( $post_data['sticky'] ); 1035 if ( $sticky ) { 1036 stick_post( $post_data['ID'] ); 1037 } else { 1038 unstick_post( $post_data['ID'] ); 1039 } 1040 } 1041 } 1042 993 1043 /** 994 1044 * Helper method for wp_newPost and wp_editPost, containing shared logic. … … 1083 1133 1084 1134 if ( $post_data['post_type'] == 'post' ) { 1085 // Private and password-protected posts cannot be stickied. 1086 if ( $post_data['post_status'] == 'private' || ! empty( $post_data['post_password'] ) ) { 1087 // Error if the client tried to stick the post, otherwise, silently unstick. 1088 if ( ! empty( $post_data['sticky'] ) ) 1089 return new IXR_Error( 401, __( 'Sorry, you cannot stick a private post.' ) ); 1090 if ( $update ) 1091 unstick_post( $post_ID ); 1092 } elseif ( isset( $post_data['sticky'] ) ) { 1093 if ( ! current_user_can( $post_type->cap->edit_others_posts ) ) 1094 return new IXR_Error( 401, __( 'Sorry, you are not allowed to stick this post.' ) ); 1095 if ( $post_data['sticky'] ) 1096 stick_post( $post_ID ); 1097 else 1098 unstick_post( $post_ID ); 1135 $error = $this->_toggle_sticky( $post_data, $update ); 1136 if ( $error ) { 1137 return $error; 1099 1138 } 1100 1139 } … … 4273 4312 // Only posts can be sticky 4274 4313 if ( $post_type == 'post' && isset( $content_struct['sticky'] ) ) { 4275 if ( $content_struct['sticky'] == true ) 4276 stick_post( $post_ID ); 4277 elseif ( $content_struct['sticky'] == false ) 4278 unstick_post( $post_ID ); 4314 $data = $postdata; 4315 $data['sticky'] = $content_struct['sticky']; 4316 $error = $this->_toggle_sticky( $data ); 4317 if ( $error ) { 4318 return $error; 4319 } 4279 4320 } 4280 4321 … … 4540 4581 $tags_input = isset( $content_struct['mt_keywords'] ) ? $content_struct['mt_keywords'] : null; 4541 4582 4542 if ( ('publish' == $post_status) ) { 4543 if ( ( 'page' == $post_type ) && !current_user_can('publish_pages') ) 4544 return new IXR_Error(401, __('Sorry, you do not have the right to publish this page.')); 4545 else if ( !current_user_can('publish_posts') ) 4546 return new IXR_Error(401, __('Sorry, you do not have the right to publish this post.')); 4583 if ( 'publish' == $post_status || 'private' == $post_status ) { 4584 if ( 'page' == $post_type && ! current_user_can( 'publish_pages' ) ) { 4585 return new IXR_Error( 401, __( 'Sorry, you do not have the right to publish this page.' ) ); 4586 } elseif ( ! current_user_can( 'publish_posts' ) ) { 4587 return new IXR_Error( 401, __( 'Sorry, you do not have the right to publish this post.' ) ); 4588 } 4547 4589 } 4548 4590 … … 4584 4626 // Only posts can be sticky 4585 4627 if ( $post_type == 'post' && isset( $content_struct['sticky'] ) ) { 4586 if ( $content_struct['sticky'] == true ) 4587 stick_post( $post_ID ); 4588 elseif ( $content_struct['sticky'] == false ) 4589 unstick_post( $post_ID ); 4628 $data = $newpost; 4629 $data['sticky'] = $content_struct['sticky']; 4630 $data['post_type'] = 'post'; 4631 $error = $this->_toggle_sticky( $data, true ); 4632 if ( $error ) { 4633 return $error; 4634 } 4590 4635 } 4591 4636
Note: See TracChangeset
for help on using the changeset viewer.