[wp-trac] [WordPress Trac] #13509: Searching doesn't return Private results to logged in users with read_private_ permissions
WordPress Trac
wp-trac at lists.automattic.com
Mon May 24 00:31:11 UTC 2010
#13509: Searching doesn't return Private results to logged in users with
read_private_ permissions
--------------------------+-------------------------------------------------
Reporter: inbytesinc | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: Unassigned
Component: Query | Version: 2.9.1
Severity: normal | Keywords: query search private logged
--------------------------+-------------------------------------------------
When you do a search with these requirements...[[BR]]
- You are a registered user.[[BR]]
- You are logged in.[[BR]]
- You have '''''read_private_posts''''' permissions.
... you expect seeing in the results those Private posts that contains
your query's terms.
But you end up with showing only the ones that belongs to you. I think the
bug is in these lines:
{{{
if ( is_user_logged_in() ) {
$where .= current_user_can( "read_private_{$post_type_cap}s" ) ? "
OR $wpdb->posts.post_status = 'private'" : " OR $wpdb->posts.post_author =
$user_ID AND $wpdb->posts.post_status = 'private'";
}
}}}
As '''''$post_type_cap''''' is set to "any" when you do a search, the
conditional expression always fails as it's asking for this:
{{{
current_user_can( "read_private_anys" )
}}}
... and ends up always in the second part of the conditional expression.
That is:
{{{
" OR $wpdb->posts.post_author = $user_ID AND $wpdb->posts.post_status =
'private'"
}}}
Thanks.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/13509>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list