diff options
author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-02-05 11:49:12 +0000 |
---|---|---|
committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-02-05 11:49:12 +0000 |
commit | 6ef7b48c2da1ad9731e1f4734be86ed3ae5afca0 (patch) | |
tree | 0a0c0a8c8146ef18a1aa87016c9a3f7e3ced1618 /xmlrpc.php | |
parent | 4c4e0fc82e70e810472721ad23aac64ba2c5b6e1 (diff) | |
download | wordpress-mu-6ef7b48c2da1ad9731e1f4734be86ed3ae5afca0.tar.gz wordpress-mu-6ef7b48c2da1ad9731e1f4734be86ed3ae5afca0.tar.xz wordpress-mu-6ef7b48c2da1ad9731e1f4734be86ed3ae5afca0.zip |
WP Merge to rev 4865
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@879 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'xmlrpc.php')
-rw-r--r-- | xmlrpc.php | 45 |
1 files changed, 40 insertions, 5 deletions
@@ -227,7 +227,8 @@ class wp_xmlrpc_server extends IXR_Server { "wp_page_parent_id" => $page->post_parent, "wp_page_parent_title" => $parent_title, "wp_page_order" => $page->menu_order, - "wp_author_username" => $author->user_login + "wp_author_id" => $author->ID, + "wp_author_display_username" => $author->display_name ); return($page_struct); @@ -947,6 +948,23 @@ class wp_xmlrpc_server extends IXR_Server { // If an author id was provided then use it instead. if(!empty($content_struct["wp_author_id"])) { + switch($post_type) { + case "post": + if(!current_user_can("edit_others_posts")) { + return(new IXR_Error(401, "You are not allowed to " . + "post as this user")); + } + break; + case "page": + if(!current_user_can("edit_others_pages")) { + return(new IXR_Error(401, "You are not allowed to " . + "create pages as this user")); + } + break; + default: + return(new IXR_Error(401, "Invalid post type.")); + break; + } $post_author = $content_struct["wp_author_id"]; } @@ -1079,6 +1097,23 @@ class wp_xmlrpc_server extends IXR_Server { // Only set the post_author if one is set. if(!empty($content_struct["wp_author_id"])) { + switch($post_type) { + case "post": + if(!current_user_can("edit_others_posts")) { + return(new IXR_Error(401, "You are not allowed to " . + "change the post author as this user.")); + } + break; + case "page": + if(!current_user_can("edit_others_pages")) { + return(new IXR_Error(401, "You are not allowed to " . + "change the page author as this user.")); + } + break; + default: + return(new IXR_Error(401, "Invalid post type.")); + break; + } $post_author = $content_struct["wp_author_id"]; } @@ -1199,8 +1234,8 @@ class wp_xmlrpc_server extends IXR_Server { 'mt_allow_pings' => $allow_pings, 'wp_slug' => $postdata['post_name'], 'wp_password' => $postdata['post_password'], - 'wp_author' => $author->display_name, - 'wp_author_username' => $author->user_login + 'wp_author_id' => $author->ID, + 'wp_author_display_name' => $author->display_name ); return $resp; @@ -1266,8 +1301,8 @@ class wp_xmlrpc_server extends IXR_Server { 'mt_allow_pings' => $allow_pings, 'wp_slug' => $entry['post_name'], 'wp_password' => $entry['post_password'], - 'wp_author' => $author->display_name, - 'wp_author_username' => $author->user_login + 'wp_author_id' => $author->ID, + 'wp_author_display_name' => $author->display_name ); } |