Posts, Post Types: Fail gracefully when checking whether the post should be displayed in WP_Query::get_posts()
against unregistered post status.
If the post status is not registered, assume it's not public. Follow-up to [47178]. Props roytanck. See #48653. git-svn-id: https://develop.svn.wordpress.org/trunk@47179 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
6f15251aa4
commit
9e5c22aa09
@ -3066,37 +3066,43 @@ class WP_Query {
|
||||
// Check post status to determine if post should be displayed.
|
||||
if ( ! empty( $this->posts ) && ( $this->is_single || $this->is_page ) ) {
|
||||
$status = get_post_status( $this->posts[0] );
|
||||
|
||||
if ( 'attachment' === $this->posts[0]->post_type && 0 === (int) $this->posts[0]->post_parent ) {
|
||||
$this->is_page = false;
|
||||
$this->is_single = true;
|
||||
$this->is_attachment = true;
|
||||
}
|
||||
$post_status_obj = get_post_status_object( $status );
|
||||
|
||||
// If the post_status was specifically requested, let it pass through.
|
||||
if ( ! $post_status_obj->public && ! in_array( $status, $q_status ) ) {
|
||||
if ( ! in_array( $status, $q_status ) ) {
|
||||
$post_status_obj = get_post_status_object( $status );
|
||||
|
||||
if ( ! is_user_logged_in() ) {
|
||||
// User must be logged in to view unpublished posts.
|
||||
$this->posts = array();
|
||||
} else {
|
||||
if ( $post_status_obj->protected ) {
|
||||
// User must have edit permissions on the draft to preview.
|
||||
if ( ! current_user_can( $edit_cap, $this->posts[0]->ID ) ) {
|
||||
$this->posts = array();
|
||||
} else {
|
||||
$this->is_preview = true;
|
||||
if ( 'future' != $status ) {
|
||||
$this->posts[0]->post_date = current_time( 'mysql' );
|
||||
}
|
||||
}
|
||||
} elseif ( $post_status_obj->private ) {
|
||||
if ( ! current_user_can( $read_cap, $this->posts[0]->ID ) ) {
|
||||
$this->posts = array();
|
||||
}
|
||||
} else {
|
||||
if ( $post_status_obj && ! $post_status_obj->public ) {
|
||||
if ( ! is_user_logged_in() ) {
|
||||
// User must be logged in to view unpublished posts.
|
||||
$this->posts = array();
|
||||
} else {
|
||||
if ( $post_status_obj->protected ) {
|
||||
// User must have edit permissions on the draft to preview.
|
||||
if ( ! current_user_can( $edit_cap, $this->posts[0]->ID ) ) {
|
||||
$this->posts = array();
|
||||
} else {
|
||||
$this->is_preview = true;
|
||||
if ( 'future' != $status ) {
|
||||
$this->posts[0]->post_date = current_time( 'mysql' );
|
||||
}
|
||||
}
|
||||
} elseif ( $post_status_obj->private ) {
|
||||
if ( ! current_user_can( $read_cap, $this->posts[0]->ID ) ) {
|
||||
$this->posts = array();
|
||||
}
|
||||
} else {
|
||||
$this->posts = array();
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// Post status is not registered, assume it's not public.
|
||||
$this->posts = array();
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user