Check proper caps when publising a page. Props DD32. fixes #8208

git-svn-id: http://svn.automattic.com/wordpress/trunk@9701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2008-11-14 23:34:18 +00:00
parent da754f886b
commit 29ab18dcb7
2 changed files with 10 additions and 3 deletions

View File

@ -228,7 +228,7 @@ if ( ( 'edit' == $action ) && current_user_can('delete_page', $post->ID) ) { ?>
<div id="publishing-action">
<?php
if ( !in_array( $post->post_status, array('publish', 'future', 'private') ) || 0 == $post->ID ) { ?>
<?php if ( current_user_can('publish_posts') ) : ?>
<?php if ( $can_publish ) : ?>
<?php if ( !empty($post->post_date_gmt) && time() < strtotime( $post->post_date_gmt . ' +0000' ) ) : ?>
<input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Schedule') ?>" />
<input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Schedule') ?>" />

View File

@ -75,8 +75,15 @@ function _wp_translate_postdata( $update = false, $post_data = null ) {
// Posts 'submitted for approval' present are submitted to $_POST the same as if they were being published.
// Change status from 'publish' to 'pending' if user lacks permissions to publish or to resave published posts.
if ( isset($post_data['post_status']) && ('publish' == $post_data['post_status'] && !current_user_can( 'publish_posts' )) )
if ( $previous_status != 'publish' OR !current_user_can( 'edit_published_pages') )
if ( 'page' == $post_data['post_type'] ) {
$publish_cap = 'publish_pages';
$edit_cap = 'edit_published_pages';
} else {
$publish_cap = 'publish_posts';
$edit_cap = 'edit_published_posts';
}
if ( isset($post_data['post_status']) && ('publish' == $post_data['post_status'] && !current_user_can( $publish_cap )) )
if ( $previous_status != 'publish' || !current_user_can( $edit_cap ) )
$post_data['post_status'] = 'pending';
if ( ! isset($post_data['post_status']) )