#5608 closed defect (bug) (invalid)
Future Private Post is immediately visible
Reported by: | mattyrob | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 2.3.2 |
Component: | Administration | Keywords: | |
Focuses: | Cc: |
Description
If you create a Private Post and edit the time stamp to a date in the future the post still becomes immediately visible to registered users.
The database holds a post_status of private rather than future. Surely it should be future and be pushed through a transition hook along the lines of future_to_private.
Change History (12)
#2
in reply to:
↑ 1
@
16 years ago
Replying to ffemtcj:
Does this still happen with the trunk version of 2.5?
Still happening in Trunk (8029)
#3
follow-up:
↓ 4
@
16 years ago
Can I propose 2 potential fixes for this:
1/ Add a date parameter into the get_posts function to ensure future posts are not displayed based on time rather than post_status being future
2/ Introduce a new post_status of 'future_private'
It is still affecting (8226)
#4
in reply to:
↑ 3
;
follow-up:
↓ 5
@
16 years ago
Replying to MattyRob:
Can I propose 2 potential fixes for this:
1/ Add a date parameter into the get_posts function to ensure future posts are not displayed based on time rather than post_status being future
2/ Introduce a new post_status of 'future_private'
It is still affecting (8226)
Seems like a lot of trouble to go to. I think it's simpler than that.
The post_status should be set to "future", but the cron job that is scheduled should a parameter indicating the private status of the post. The publish_future_post hook will pass this along to whatever function is publishing it, and then the post will get changed to private, along with all the future_to_private hooks getting run and such.
Posts are published by the cron job. That's what future means. If we have the job itself send along how to publish the post, then it will take care of it for you.
#5
in reply to:
↑ 4
@
16 years ago
Replying to Otto42:
Seems like a lot of trouble to go to. I think it's simpler than that.
The post_status should be set to "future", but the cron job that is scheduled should a parameter indicating the private status of the post. The publish_future_post hook will pass this along to whatever function is publishing it, and then the post will get changed to private, along with all the future_to_private hooks getting run and such.
Posts are published by the cron job. That's what future means. If we have the job itself send along how to publish the post, then it will take care of it for you.
This seems a better way - in the WordPress tables we can set post_status as future and set post_type as private (currently thought post_type is only 'post' or 'page'.
Then in the transitions looking at 'future' posts we can future_to_publish if it a post or page and future_to_private if its a private.
How does that sound?
#6
@
16 years ago
- Milestone changed from 2.6 to 2.7
- Priority changed from low to normal
Actually my suggestion above won't work because you can have a Private Post and a Private Page, my suggestion above would not differentiate between a Page and Post.
This is going to need some more thought and perhaps some changes in the core tables.
So, up the priority and bump to 2.7 - won't be fixed in 4 days :(
#8
@
16 years ago
Recommendation:
- Add new status: future_private for private, scheduled posts/pages (original idea attrib to MattyRob)
- Add language support to manage_posts form (/wp-admin/edit.php) and edit_post form (/wp-admin/post.php). For example "Scheduled (Private)"
- In function wp_insert_post check for private status, and if the date is in the future, then set $post_status = 'future_private'
- In function check_and_publish_future_post, check if $post->post_status = 'future_private' as follows:
Replace
if ( 'future' != $post->post_status ) return; return wp_publish_post($post_id);
With
if ( 'future' == $post->post_status || 'future_private' == $post->post_status ) return wp_publish_post($post_id); return;
This approach does the following:
- Addresses need for scheduling private posts/pages
- Provides a way to differentiate between future public and future private
- Remains backward compatible with existing future public method (publish_future_post hook)
- Omits the need to add an additional field to be processed (no new variables to manage)
- Simplifies conversion of private published content to private future content (If you publish private content, it's post_status private. If you change the date to be in the future, then it auto converts private to future_private). wp_insert_post is called regardless of whether we're creating a new post or updating an old post.
#9
follow-up:
↓ 11
@
16 years ago
- Resolution set to invalid
- Status changed from new to closed
There is no such thing as a private unpublished post. This is not a bug and could maybe be considered a feature request. See also #9136 for additional explanation.
#11
in reply to:
↑ 9
@
15 years ago
Replying to FFEMTcJ:
There is no such thing as a private unpublished post. This is not a bug and could maybe be considered a feature request. See also #9136 for additional explanation.
Well, I'm glad that only took 13 months to clarify!
Incidentally, the WordPress codex intimates that Private Pages are only "viewable only to you"- this is not the case, they are viewable to all admin level users.
Does this still happen with the trunk version of 2.5?