[wp-trac] [WordPress Trac] #7832: Autosave fails for users with the
"Author" role.
WordPress Trac
wp-trac at lists.automattic.com
Mon Oct 6 00:06:45 GMT 2008
#7832: Autosave fails for users with the "Author" role.
----------------------------+-----------------------------------------------
Reporter: beaulebens | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.7
Component: Administration | Version:
Severity: normal | Keywords: editor, ajax
----------------------------+-----------------------------------------------
If a user's role is set as "Author" then the autosave functionality of the
editor will fail. So far the symptoms I've seen have been either returning
a 500 error from the AJAX request (seen in FireBug using FF3, although
these errors are seen on all browsers), or also as a big error in the
right editor sidebar saying "You are not allowed to edit posts as this
user".
When the error message appears, it also wraps the page content in the
default admin error page layout (gray background, white box, rounded
corners) and thus shrinks the page.
I tracked it down to being because the AJAX POST is failing to include a
user_ID value, so when the security checks are made, they fail. One way to
fix this is to add the user_ID to the AJAX POST.
/wp-includes/js/autosave.js -- Line 167, add:
{{{
user_ID: jQuery('#user-id').val() || 0,
}}}
If not through this method, then the user_ID needs to be derived from the
request somehow else in /wp-admin/admin-ajax.php before line 565 (or
somewhere in the flow of the wp_create_post_autosave() function) to avoid
the error.
--
Ticket URL: <http://trac.wordpress.org/ticket/7832>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list