Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-06-26 14:54:57 +02:00
Code Issues Projects Releases Wiki Activity

Improve the autosave error message on nonce failure.

Browse Source 
see #27453, #25272.

Built from https://develop.svn.wordpress.org/trunk@27611


git-svn-id: http://core.svn.wordpress.org/trunk@27454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Andrew Nacin 2014-03-19 05:47:22 +00:00
parent 722bdc353f
commit 064f3d7191
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
wp-admin/includes/post.php
View File

@ -1434,13 +1434,15 @@ function wp_autosave( $post_data ) {
$post_id = (int) $post_data['post_id'];
$post_data['ID'] = $post_data['post_ID'] = $post_id;
if ( false === wp_verify_nonce( $post_data['_wpnonce'], 'update-post_' . $post_id ) )
return new WP_Error( 'invalid_nonce', __('ERROR: invalid post data.') );
if ( false === wp_verify_nonce( $post_data['_wpnonce'], 'update-post_' . $post_id ) ) {
return new WP_Error( 'invalid_nonce', __( 'Error while saving.' ) );
}
$post = get_post( $post_id );
if ( ! current_user_can( 'edit_post', $post->ID ) )
return new WP_Error( 'edit_post', __('You are not allowed to edit this item.') );
if ( ! current_user_can( 'edit_post', $post->ID ) ) {
return new WP_Error( 'edit_posts', __( 'You are not allowed to edit this item.' ) );
}
if ( 'auto-draft' == $post->post_status )
$post_data['post_status'] = 'draft';