+
+
+ post_type )->public ) {
+ $preview_link = set_url_scheme( add_query_arg( 'preview', 'true', get_permalink( $post->ID ) ) );
+
+ if ( 'publish' == $post->post_status || $user->ID != $post->post_author ) {
+ // Latest content is in autosave
+ $nonce = wp_create_nonce( 'post_preview_' . $post->ID );
+ $preview_link = add_query_arg( array( 'preview_id' => $post->ID, 'preview_nonce' => $nonce ), $preview_link );
+ }
+ } else {
+ $preview_link = '';
+ }
+
+ $preview_link = apply_filters( 'preview_post_link', $preview_link );
+ $override = apply_filters( 'override_post_lock', true, $post, $user );
+ $tab_last = $override ? '' : ' wp-tab-last';
+
+ ?>
+
+
ID, 64 ); ?>
+
+ display_name ) );
+ ?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ ID;
- $new_autosave['post_author'] = get_current_user_id();
+ $new_autosave['post_author'] = $post_author;
+
+ // If the new autosave is the same content as the post, delete the old autosave.
+ $post = get_post( $post_id );
+ $autosave_is_different = false;
+ foreach ( array_keys( _wp_post_revision_fields() ) as $field ) {
+ if ( normalize_whitespace( $new_autosave[ $field ] ) != normalize_whitespace( $post->$field ) ) {
+ $autosave_is_different = true;
+ break;
+ }
+ }
+
+ if ( ! $autosave_is_different ) {
+ wp_delete_post_revision( $old_autosave->ID );
+ return;
+ }
+
return wp_update_post( $new_autosave );
}
// _wp_put_post_revision() expects unescaped.
- $_POST = stripslashes_deep($_POST);
+ $post_data = wp_unslash( $_POST );
// Otherwise create the new autosave as a special post revision
- return _wp_put_post_revision( $_POST, true );
+ return _wp_put_post_revision( $post_data, true );
}
/**
@@ -1311,16 +1452,18 @@ function post_preview() {
$post = get_post($post_ID);
if ( 'page' == $post->post_type ) {
- if ( !current_user_can('edit_page', $post_ID) )
- wp_die(__('You are not allowed to edit this page.'));
+ if ( ! current_user_can('edit_page', $post_ID) )
+ wp_die( __('You are not allowed to edit this page.') );
} else {
- if ( !current_user_can('edit_post', $post_ID) )
- wp_die(__('You are not allowed to edit this post.'));
+ if ( ! current_user_can('edit_post', $post_ID) )
+ wp_die( __('You are not allowed to edit this post.') );
}
- if ( 'draft' == $post->post_status ) {
+ $user_id = get_current_user_id();
+ $locked = wp_check_post_lock( $post->ID );
+ if ( ! $locked && 'draft' == $post->post_status && $user_id == $post->post_author ) {
$id = edit_post();
- } else { // Non drafts are not overwritten. The autosave is stored in a special post revision.
+ } else { // Non drafts are not overwritten. The autosave is stored in a special post revision.
$id = wp_create_post_autosave( $post->ID );
if ( ! is_wp_error($id) )
$id = $post->ID;
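Review bot: The trailing comment on the `else` branch is stale after this change. With the new condition, a draft that is locked (`wp_check_post_lock()` returned a non-false value) or whose `post_author` is not the current user also goes to `wp_create_post_autosave()`, so "non drafts" no longer describes the branch. I would reword it to `// Non-drafts, locked drafts and drafts owned by another user are not overwritten; the autosave is stored in a special post revision.` so the ownership and lock check reads as deliberate. `post_preview()` begins above this hunk and continues into the next one.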
@@ -1329,12 +1472,21 @@ function post_preview() {
if ( is_wp_error($id) )
wp_die( $id->get_error_message() );
- if ( $_POST['post_status'] == 'draft' ) {
+ if ( ! $locked && $_POST['post_status'] == 'draft' && $user_id == $post->post_author ) {
$url = add_query_arg( 'preview', 'true', get_permalink($id) );
} else {
$nonce = wp_create_nonce('post_preview_' . $id);
- $url = add_query_arg( array( 'preview' => 'true', 'preview_id' => $id, 'preview_nonce' => $nonce ), get_permalink($id) );
+ $args = array(
+ 'preview' => 'true',
+ 'preview_id' => $id,
+ 'preview_nonce' => $nonce,
+ );
+
+ if ( isset( $_POST['post_format'] ) )
+ $args['post_format'] = empty( $_POST['post_format'] ) ? 'standard' : sanitize_key( $_POST['post_format'] );
+
+ $url = add_query_arg( $args, get_permalink($id) );
}
- return $url;
+ return apply_filters( 'preview_post_link', $url );
}
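Review bot: The URL branch repeats the save decision from the previous hunk but tests `$_POST['post_status']`, where the save step tested the stored `$post->post_status`, so the two can disagree. If the request says `draft` while the stored post is not a draft, the content was written to an autosave but the returned link carries no `preview_id`/`preview_nonce`, and the preview would presumably show the stored post rather than the autosave. Whether the submitted status can differ from the stored one is not visible here. Computing the decision once, `$overwrite = ! $locked && 'draft' == $post->post_status && $user_id == $post->post_author;`, and using `if ( $overwrite )` in both places would keep the save path and the link in step. It would also remove the unchecked read of `$_POST['post_status']`.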