Make WordPress Core

Changeset 9055


Ignore:
Timestamp:
10/02/2008 04:10:54 AM (16 years ago)
Author:
markjaquith
Message:

Do not allow contributors to set the post slug for pending review posts. fixes #7805

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/edit-form-advanced.php

    r9054 r9055  
    375375<?php
    376376}
    377 add_meta_box('slugdiv', __('Post Slug'), 'post_slug_meta_box', 'post', 'normal', 'core');
     377if ( !( 'pending' == $post->post_status && !current_user_can( 'publish_posts' ) ) )
     378    add_meta_box('slugdiv', __('Post Slug'), 'post_slug_meta_box', 'post', 'normal', 'core');
    378379
    379380$authors = get_editable_user_ids( $current_user->id ); // TODO: ROLE SYSTEM
     
    482483<div class="inside">
    483484<?php $sample_permalink_html = get_sample_permalink_html($post->ID); ?>
     485<?php if ( !( 'pending' == $post->post_status && !current_user_can( 'publish_posts' ) ) ) { ?>
    484486    <div id="edit-slug-box">
    485487<?php if ( ! empty($post->ID) && ! empty($sample_permalink_html) ) :
     
    487489endif; ?>
    488490    </div>
     491<?php } ?>
    489492</div>
    490493</div>
  • trunk/wp-includes/post.php

    r8966 r9055  
    13511351    }
    13521352
    1353     // Create a valid post name.  Drafts are allowed to have an empty
     1353    // Don't allow contributors to set to set the post slug for pending review posts
     1354    if ( 'pending' == $post_status && !current_user_can( 'publish_posts' ) )
     1355        $post_name = '';
     1356
     1357    // Create a valid post name.  Drafts and pending posts are allowed to have an empty
    13541358    // post name.
    13551359    if ( empty($post_name) ) {
    1356         if ( 'draft' != $post_status )
     1360        if ( !in_array( $post_status, array( 'draft', 'pending' ) ) )
    13571361            $post_name = sanitize_title($post_title);
    13581362    } else {
     
    13601364    }
    13611365
    1362     // If the post date is empty (due to having been new or a draft) and status is not 'draft', set date to now
     1366    // If the post date is empty (due to having been new or a draft) and status is not 'draft' or 'pending', set date to now
    13631367    if ( empty($post_date) || '0000-00-00 00:00:00' == $post_date )
    13641368        $post_date = current_time('mysql');
    13651369
    13661370    if ( empty($post_date_gmt) || '0000-00-00 00:00:00' == $post_date_gmt ) {
    1367         if ( !in_array($post_status, array('draft', 'pending')) )
     1371        if ( !in_array( $post_status, array( 'draft', 'pending' ) ) )
    13681372            $post_date_gmt = get_gmt_from_date($post_date);
    13691373        else
     
    14151419        $post_password = '';
    14161420
    1417     if ( 'draft' != $post_status ) {
     1421    if ( !in_array( $post_status, array( 'draft', 'pending' ) ) ) {
    14181422        $post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND post_type = %s AND ID != %d AND post_parent = %d LIMIT 1", $post_name, $post_type, $post_ID, $post_parent));
    14191423
     
    14581462    }
    14591463
    1460     if ( empty($post_name) && 'draft' != $post_status ) {
     1464    if ( empty($post_name) && !in_array( $post_status, array( 'draft', 'pending' ) ) ) {
    14611465        $post_name = sanitize_title($post_title, $post_ID);
    14621466        $wpdb->update( $wpdb->posts, compact( 'post_name' ), $where );
Note: See TracChangeset for help on using the changeset viewer.