diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php index 992aed1232..a7caf2005e 100644 --- a/wp-admin/edit-form-advanced.php +++ b/wp-admin/edit-form-advanced.php @@ -115,7 +115,7 @@ edCanvas = document.getElementById('content'); - +
- + diff --git a/wp-admin/post.php b/wp-admin/post.php index 934f5ea5bb..17cf9909ca 100644 --- a/wp-admin/post.php +++ b/wp-admin/post.php @@ -61,7 +61,7 @@ case 'post': if ( empty($post_status) ) $post_status = 'draft'; // Double-check - if ( 'publish' == $post_status && (!user_can_create_post($user_ID)) && 2 != get_option('new_users_can_blog') ) + if ( 'publish' == $post_status && (!user_can_create_post($user_ID)) ) $post_status = 'draft'; $comment_status = $_POST['comment_status']; if ( empty($comment_status) && !isset($_POST['advanced_view']) ) @@ -229,6 +229,11 @@ case 'edit': if( 'private' == $postdata->post_status && $postdata->post_author != $user_ID ) die ( __('You are not allowed to view other users\' private posts.') ); + if ( 'publish' == $post_status && (!user_can_create_post($user_ID)) ) { + _e('You are not allowed to edit published posts.'); + break; + } + if ($post_status == 'static') { $page_template = get_post_meta($post_ID, '_wp_page_template', true); include('edit-page-form.php'); @@ -305,7 +310,7 @@ case 'editpost': if (isset($_POST['publish'])) $post_status = 'publish'; // Double-check - if ( 'publish' == $post_status && (!user_can_create_post($user_ID)) && 2 != get_option('new_users_can_blog') ) + if ( 'publish' == $post_status && (!user_can_create_post($user_ID)) ) $post_status = 'draft'; if (empty($post_name) || 'draft' == $post_status ) { diff --git a/wp-register.php b/wp-register.php index e7b90e41d9..e8eac7ad0f 100644 --- a/wp-register.php +++ b/wp-register.php @@ -54,7 +54,7 @@ case 'register': $user_nickname = $user_login; $user_nicename = sanitize_title($user_nickname); $now = gmdate('Y-m-d H:i:s'); - if (get_settings('new_users_can_blog') >= 1) $user_level = 1; + $user_level = get_settings('new_users_can_blog'); $password = substr( md5( uniqid( microtime() ) ), 0, 7); $result = $wpdb->query("INSERT INTO $wpdb->users