Changes in branches/2.3/xmlrpc.php [6715:6504]

File:

• branches/2.3/xmlrpc.php (modified) (2 diffs)

branches/2.3/xmlrpc.php

@@ -976 +976 @@
         return $this->error;
       }
+
+      $cap = ($publish) ? 'publish_posts' : 'edit_posts';
       $user = set_current_user(0, $user_login);
-
-        $cap = ( $publish ) ? 'publish_posts' : 'edit_posts';
-        $error_message = __( 'Sorry, you are not allowed to publish posts on this blog.' );
-        $post_type = 'post';
-        if( !empty( $content_struct['post_type'] ) ) {
-            if( $content_struct['post_type'] == 'page' ) {
-                $cap = ( $publish ) ? 'publish_pages' : 'edit_pages';
-                $error_message = __( 'Sorry, you are not allowed to publish pages on this blog.' );
-                $post_type = 'page';
-            }
-            elseif( $content_type['post_type'] == 'post' ) {
-                // This is the default, no changes needed
-            }
-            else {
-                // No other post_type values are allowed here
-                return new IXR_Error( 401, __( 'Invalid post type.' ) );
-            }
-        }
-
-        if( !current_user_can( $cap ) ) {
-            return new IXR_Error( 401, $error_message );
+      if ( !current_user_can($cap) )
+        return new IXR_Error(401, __('Sorry, you are not allowed to post on this blog.'));
+
+        // The post_type defaults to post, but could also be page.
+        $post_type = "post";
+        if(
+            !empty($content_struct["post_type"])
+            && ($content_struct["post_type"] == "page")
+        ) {
+            $post_type = "page";
         }
 
@@ -1197 +1188 @@
         return $this->error;
       }
+
         $user = set_current_user(0, $user_login);
 
-        $cap = ( $publish ) ? 'publish_posts' : 'edit_posts';
-        $error_message = __( 'Sorry, you are not allowed to publish posts on this blog.' );
-        $post_type = 'post';
-        if( !empty( $content_struct['post_type'] ) ) {
-            if( $content_struct['post_type'] == 'page' ) {
-                $cap = ( $publish ) ? 'publish_pages' : 'edit_pages';
-                $error_message = __( 'Sorry, you are not allowed to publish pages on this blog.' );
-                $post_type = 'page';
-            }
-            elseif( $content_type['post_type'] == 'post' ) {
-                // This is the default, no changes needed
-            }
-            else {
-                // No other post_type values are allowed here
-                return new IXR_Error( 401, __( 'Invalid post type.' ) );
-            }
-        }
-
-        if( !current_user_can( $cap ) ) {
-            return new IXR_Error( 401, $error_message );
-        }
+        // The post_type defaults to post, but could also be page.
+        $post_type = "post";
+        if(
+            !empty($content_struct["post_type"])
+            && ($content_struct["post_type"] == "page")
+        ) {
+            $post_type = "page";
+        }
+
+      // Edit page caps are checked in editPage.  Just check post here.
+      if ( ( 'post' == $post_type ) && !current_user_can('edit_post', $post_ID) )
+        return new IXR_Error(401, __('Sorry, you can not edit this post.'));
 
       $postdata = wp_get_single_post($post_ID, ARRAY_A);