mirror of
https://github.com/WordPress/WordPress.git
synced 2025-01-03 06:57:35 +01:00
Fix wp.getPages response when fetching pages the current user does not have caps for. Props maxcutler, redsweater. fixes #20629
git-svn-id: http://core.svn.wordpress.org/trunk@20807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
a6894d0b59
commit
0983e9afcb
@ -753,6 +753,77 @@ class wp_xmlrpc_server extends IXR_Server {
|
|||||||
return apply_filters( 'xmlrpc_prepare_media_item', $_media_item, $media_item, $thumbnail_size );
|
return apply_filters( 'xmlrpc_prepare_media_item', $_media_item, $media_item, $thumbnail_size );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Prepares page data for return in an XML-RPC object.
|
||||||
|
*
|
||||||
|
* @access protected
|
||||||
|
*
|
||||||
|
* @param object $page The unprepared page data
|
||||||
|
* @return array The prepared page data
|
||||||
|
*/
|
||||||
|
protected function _prepare_page( $page ) {
|
||||||
|
// Get all of the page content and link.
|
||||||
|
$full_page = get_extended( $page->post_content );
|
||||||
|
$link = post_permalink( $page->ID );
|
||||||
|
|
||||||
|
// Get info the page parent if there is one.
|
||||||
|
$parent_title = "";
|
||||||
|
if ( ! empty( $page->post_parent ) ) {
|
||||||
|
$parent = get_page( $page->post_parent );
|
||||||
|
$parent_title = $parent->post_title;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Determine comment and ping settings.
|
||||||
|
$allow_comments = comments_open( $page->ID ) ? 1 : 0;
|
||||||
|
$allow_pings = pings_open( $page->ID ) ? 1 : 0;
|
||||||
|
|
||||||
|
// Format page date.
|
||||||
|
$page_date = $this->_convert_date( $page->post_date );
|
||||||
|
$page_date_gmt = $this->_convert_date_gmt( $page->post_date_gmt, $page->post_date );
|
||||||
|
|
||||||
|
// Pull the categories info together.
|
||||||
|
$categories = array();
|
||||||
|
foreach ( wp_get_post_categories( $page->ID ) as $cat_id ) {
|
||||||
|
$categories[] = get_cat_name( $cat_id );
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the author info.
|
||||||
|
$author = get_userdata( $page->post_author );
|
||||||
|
|
||||||
|
$page_template = get_page_template_slug( $page->ID );
|
||||||
|
if ( empty( $page_template ) )
|
||||||
|
$page_template = 'default';
|
||||||
|
|
||||||
|
$_page = array(
|
||||||
|
'dateCreated' => $page_date,
|
||||||
|
'userid' => $page->post_author,
|
||||||
|
'page_id' => $page->ID,
|
||||||
|
'page_status' => $page->post_status,
|
||||||
|
'description' => $full_page['main'],
|
||||||
|
'title' => $page->post_title,
|
||||||
|
'link' => $link,
|
||||||
|
'permaLink' => $link,
|
||||||
|
'categories' => $categories,
|
||||||
|
'excerpt' => $page->post_excerpt,
|
||||||
|
'text_more' => $full_page['extended'],
|
||||||
|
'mt_allow_comments' => $allow_comments,
|
||||||
|
'mt_allow_pings' => $allow_pings,
|
||||||
|
'wp_slug' => $page->post_name,
|
||||||
|
'wp_password' => $page->post_password,
|
||||||
|
'wp_author' => $author->display_name,
|
||||||
|
'wp_page_parent_id' => $page->post_parent,
|
||||||
|
'wp_page_parent_title' => $parent_title,
|
||||||
|
'wp_page_order' => $page->menu_order,
|
||||||
|
'wp_author_id' => (string) $author->ID,
|
||||||
|
'wp_author_display_name' => $author->display_name,
|
||||||
|
'date_created_gmt' => $page_date_gmt,
|
||||||
|
'custom_fields' => $this->get_custom_fields( $page->ID ),
|
||||||
|
'wp_page_template' => $page_template
|
||||||
|
);
|
||||||
|
|
||||||
|
return apply_filters( 'xmlrpc_prepare_page', $_page, $page );
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create a new post for any registered post type.
|
* Create a new post for any registered post type.
|
||||||
*
|
*
|
||||||
@ -1833,66 +1904,7 @@ class wp_xmlrpc_server extends IXR_Server {
|
|||||||
|
|
||||||
// If we found the page then format the data.
|
// If we found the page then format the data.
|
||||||
if ( $page->ID && ($page->post_type == 'page') ) {
|
if ( $page->ID && ($page->post_type == 'page') ) {
|
||||||
// Get all of the page content and link.
|
return $this->_prepare_page( $page );
|
||||||
$full_page = get_extended($page->post_content);
|
|
||||||
$link = post_permalink($page->ID);
|
|
||||||
|
|
||||||
// Get info the page parent if there is one.
|
|
||||||
$parent_title = "";
|
|
||||||
if ( !empty($page->post_parent) ) {
|
|
||||||
$parent = get_page($page->post_parent);
|
|
||||||
$parent_title = $parent->post_title;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Determine comment and ping settings.
|
|
||||||
$allow_comments = comments_open($page->ID) ? 1 : 0;
|
|
||||||
$allow_pings = pings_open($page->ID) ? 1 : 0;
|
|
||||||
|
|
||||||
// Format page date.
|
|
||||||
$page_date = $this->_convert_date( $page->post_date );
|
|
||||||
$page_date_gmt = $this->_convert_date_gmt( $page->post_date_gmt, $page->post_date );
|
|
||||||
|
|
||||||
// Pull the categories info together.
|
|
||||||
$categories = array();
|
|
||||||
foreach ( wp_get_post_categories($page->ID) as $cat_id ) {
|
|
||||||
$categories[] = get_cat_name($cat_id);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Get the author info.
|
|
||||||
$author = get_userdata($page->post_author);
|
|
||||||
|
|
||||||
$page_template = get_page_template_slug( $page->ID );
|
|
||||||
if ( empty( $page_template ) )
|
|
||||||
$page_template = 'default';
|
|
||||||
|
|
||||||
$page_struct = array(
|
|
||||||
'dateCreated' => $page_date,
|
|
||||||
'userid' => $page->post_author,
|
|
||||||
'page_id' => $page->ID,
|
|
||||||
'page_status' => $page->post_status,
|
|
||||||
'description' => $full_page['main'],
|
|
||||||
'title' => $page->post_title,
|
|
||||||
'link' => $link,
|
|
||||||
'permaLink' => $link,
|
|
||||||
'categories' => $categories,
|
|
||||||
'excerpt' => $page->post_excerpt,
|
|
||||||
'text_more' => $full_page['extended'],
|
|
||||||
'mt_allow_comments' => $allow_comments,
|
|
||||||
'mt_allow_pings' => $allow_pings,
|
|
||||||
'wp_slug' => $page->post_name,
|
|
||||||
'wp_password' => $page->post_password,
|
|
||||||
'wp_author' => $author->display_name,
|
|
||||||
'wp_page_parent_id' => $page->post_parent,
|
|
||||||
'wp_page_parent_title' => $parent_title,
|
|
||||||
'wp_page_order' => $page->menu_order,
|
|
||||||
'wp_author_id' => (string) $author->ID,
|
|
||||||
'wp_author_display_name' => $author->display_name,
|
|
||||||
'date_created_gmt' => $page_date_gmt,
|
|
||||||
'custom_fields' => $this->get_custom_fields($page_id),
|
|
||||||
'wp_page_template' => $page_template
|
|
||||||
);
|
|
||||||
|
|
||||||
return($page_struct);
|
|
||||||
}
|
}
|
||||||
// If the page doesn't exist indicate that.
|
// If the page doesn't exist indicate that.
|
||||||
else {
|
else {
|
||||||
@ -1935,11 +1947,9 @@ class wp_xmlrpc_server extends IXR_Server {
|
|||||||
if ( $num_pages >= 1 ) {
|
if ( $num_pages >= 1 ) {
|
||||||
$pages_struct = array();
|
$pages_struct = array();
|
||||||
|
|
||||||
for ( $i = 0; $i < $num_pages; $i++ ) {
|
foreach ($pages as $page) {
|
||||||
$page = wp_xmlrpc_server::wp_getPage(array(
|
if ( current_user_can( 'edit_page', $page->ID ) )
|
||||||
$blog_id, $pages[$i]->ID, $username, $password
|
$pages_struct[] = $this->_prepare_page( $page );
|
||||||
));
|
|
||||||
$pages_struct[] = $page;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return($pages_struct);
|
return($pages_struct);
|
||||||
|
Loading…
Reference in New Issue
Block a user