[wp-trac] [WordPress Trac] #27452: Contributors can publish privately (was: Can't set status to 'private' without publishing capability)
WordPress Trac
noreply at wordpress.org
Wed Mar 19 20:23:20 UTC 2014
#27452: Contributors can publish privately
-------------------------------+------------------------------
Reporter: plocha | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Posts, Post Types | Version: 3.8.1
Severity: normal | Resolution:
Keywords: needs-patch | Focuses: ui
-------------------------------+------------------------------
Changes (by plocha):
* keywords: => needs-patch
Comment:
Okay thanks, I interpreted the private status incorrectly. In that case we
shouldn't only implement the restriction in Quick Edit but also in edit
processing. The latter should be done in wp_insert_post imho.
Btw I'm sure the server-side post edit processing contains more bugs of
this type. That's the second time I found a input validation bug in
wp_insert_post unintentionally.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/27452#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list