Changeset 3513 for trunk/wp-admin/admin-functions.php
- Timestamp:
- 02/11/2006 09:56:02 AM (19 years ago)
- File:
-
- 1 edited
trunk/wp-admin/admin-functions.php
r3510 r3513 5 5 global $user_ID; 6 6 7 if (!current_user_can('edit_posts')) 8 die(__('You are not allowed to create posts or drafts on this blog.')); 7 if ( 'page' == $_POST['post_type'] ) { 8 if ( !current_user_can('edit_pages') ) 9 die(__('You are not allowed to create pages on this blog.')); 10 } else { 11 if ( !current_user_can('edit_posts') ) 12 die(__('You are not allowed to create posts or drafts on this blog.')); 13 } 9 14 10 15 // Rename. … … 16 21 if (!empty ($_POST['post_author_override'])) { 17 22 $_POST['post_author'] = (int) $_POST['post_author_override']; 18 } else 23 } else { 19 24 if (!empty ($_POST['post_author'])) { 20 25 $_POST['post_author'] = (int) $_POST['post_author']; … … 23 28 } 24 29 25 if (($_POST['post_author'] != $_POST['user_ID']) && !current_user_can('edit_others_posts')) 26 die(__('You cannot post as this user.')); 30 } 31 32 if ($_POST['post_author'] != $_POST['user_ID']) { 33 if ( 'page' == $_POST['post_type'] ) { 34 if ( !current_user_can('edit_others_pages') ) 35 die(__('You cannot create pages as this user.')); 36 } else { 37 if ( !current_user_can('edit_others_posts') ) 38 die(__('You cannot post as this user.')); 39 40 } 41 } 27 42 28 43 // What to do based on which button they pressed … … 35 50 if ('' != $_POST['advanced']) 36 51 $_POST['post_status'] = 'draft'; 37 //if ('' != $_POST['savepage']) { 38 // $_POST['post_status'] = 'draft';39 40 if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))41 $_POST['post_status'] = 'draft';42 43 if ('page' == $_POST['post_type'] && !current_user_can('edit_pages'))44 die(__('This user cannot edit pages.'));52 53 if ( 'page' == $_POST['post_type'] ) { 54 if ('publish' == $_POST['post_status'] && !current_user_can('publish_pages')) 55 $_POST['post_status'] = 'draft'; 56 } else { 57 if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts')) 58 $_POST['post_status'] = 'draft'; 59 } 45 60 46 61 if (!empty ($_POST['edit_date'])) { … … 124 139 $post_ID 
= (int) $_POST['post_ID']; 125 140 126 if (!current_user_can('edit_post', $post_ID)) 127 die(__('You are not allowed to edit this post.')); 141 if ( 'page' == $_POST['post_type'] ) { 142 if ( !current_user_can('edit_page', $post_ID) ) 143 die(__('You are not allowed to edit this page.')); 144 } else { 145 if ( !current_user_can('edit_post', $post_ID) ) 146 die(__('You are not allowed to edit this post.')); 147 } 128 148 129 149 // Rename. … … 143 163 } 144 164 145 if (($_POST['post_author'] != $_POST['user_ID']) && !current_user_can('edit_others_posts')) 146 die(__('You cannot post as this user.')); 165 if ($_POST['post_author'] != $_POST['user_ID']) { 166 if ( 'page' == $_POST['post_type'] ) { 167 if ( !current_user_can('edit_others_pages') ) 168 die(__('You cannot edit pages as this user.')); 169 } else { 170 if ( !current_user_can('edit_others_posts') ) 171 die(__('You cannot edit posts as this user.')); 172 173 } 174 } 147 175 148 176 // What to do based on which button they pressed … … 155 183 if ('' != $_POST['advanced']) 156 184 $_POST['post_status'] = 'draft'; 157 //if ('' != $_POST['savepage']) 158 // $_POST['post_status'] = 'static';159 160 if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))161 $_POST['post_status'] = 'draft';162 163 if ('static' == $_POST['post_status'] && !current_user_can('edit_pages'))164 die(__('This user cannot edit pages.'));185 186 if ( 'page' == $_POST['post_type'] ) { 187 if ('publish' == $_POST['post_status'] && !current_user_can('edit_published_pages')) 188 $_POST['post_status'] = 'draft'; 189 } else { 190 if ('publish' == $_POST['post_status'] && !current_user_can('edit_published_posts')) 191 $_POST['post_status'] = 'draft'; 192 } 165 193 166 194 if (!isset ($_POST['comment_status']))
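Review bot: In the edit path (new lines 141-147, 165-174 and 186-192) the capability that gets checked is selected by `$_POST['post_type']`, a request field, even though the post named by `$post_ID` already exists and has a stored type. Whether `current_user_can('edit_page', $post_ID)` itself verifies the stored type is not visible here, so a user holding only the page capabilities may be able to pass these checks for a regular post by submitting `post_type=page`, and the reverse. I would take the type from the stored record, for example `$post = get_post($post_ID);` followed by `if ( 'page' == $post->post_type ) {`, and reject a request whose `post_type` disagrees with it. Separately, the status check at new lines 187-191 now tests `edit_published_pages` / `edit_published_posts` where the removed line tested `publish_posts`, so moving a draft to `publish` through the edit path no longer requires a publish capability; testing `publish_pages` / `publish_posts` there, as the create path does at new lines 54-58, would keep that gate. The enclosing functions start and end outside the hunks shown.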