Make WordPress Core

Opened 14 years ago

Closed 14 years ago

#12867 closed defect (bug) (fixed)

"Preview Changes" does not work for custom content types

Reported by: markjaquith's profile markjaquith Owned by:
Milestone: 3.0 Priority: high
Severity: major Version: 3.0
Component: Posts, Post Types Keywords: has-patch needs-testing
Focuses: Cc:


If you click "Preview Changes" for a custom post type item, you receive the message "Are you sure you want to do this?"

Likely a nonce mismatch issue. Here is the test code to add a custom post type:

                        'album', array(
                        'label' => __('Albums'),
                        'singular_label' => __('Album'),
                        'public' => true,
                        'show_ui' => true,
                        '_edit_link' => 'post.php?post=%d',
                        'capability_type' => 'page',
                        'hierarchical' => false,
                        'rewrite' => true,
                        'query_var' => 'album',
                        'supports' => array('title', 'thumbnail')

Attachments (2)

12867.diff (844 bytes) - added by duck_ 14 years ago.
Move nonce fields out of conditional
12867.2.diff (1.8 KB) - added by duck_ 14 years ago.

Download all attachments as: .zip

Change History (7)

#1 @duck_
14 years ago

case 'preview' in wp-admin/post.php checks for valid 'autosavenonce' (line 268). This is only present in the post editing page if the editor is present (edit-form-advanced.php line 244). This can be tested by adding 'editor' to the supports array, you should find that you can now preview changes. Definitely needs a fix, also noticed this whilst looking into some other bugs (

14 years ago

Move nonce fields out of conditional

#2 @duck_
14 years ago

Don't see why there would be a reason for the four nonce fields to be inside the check for the post type supporting the editor (please correct me and tell me why if I'm wrong!).

Therfore, also fixes: unable to persist rearranged/hidden meta-boxes on custom post type pages & being unable to edit permalink for custom post types (though I cannot seem to get these permalinks to work anyway :S).

#3 @nacin
14 years ago

Some nonces can be restricted to a certain feature, but yeah, grouping them in 'editor' can do some damage. For example, we also currently require a post type support of 'title' to show the permalink settings.

14 years ago

#4 @duck_
14 years ago

  • Keywords has-patch needs-testing added; custom post types preview changes removed

Moves samplepermalink nonce into title support conditional. Removes getpermalink nonce as this is no longer used (see r9473 on autosave.js - perhaps get-permalink case in admin-ajax.php can also be removed?). Moves the other nonce fields out of the editor support conditional and up to the other hidden fields.

#5 @dd32
14 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [14148]) Move nonces into better locations, Currently nested within the Editor support, which is not always enabled. Props duck_. Fixes #12867

Note: See TracTickets for help on using tickets.