From 6c9230ee3b32ae860d6ed2c2df333f69257b0e09 Mon Sep 17 00:00:00 2001
From: "Committo,Ergo:sum" <esj@rezo.net>
Date: Fri, 3 Nov 2006 16:49:38 +0000
Subject: [PATCH] =?UTF-8?q?Ne=20retirez=20pas=20au=20pauvre=20r=C3=A9dacte?=
 =?UTF-8?q?ur=20le=20seul=20droit=20qui=20lui=20reste:=20soumettre=20?=
 =?UTF-8?q?=C3=A0=20publication.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ecrire/action/editer_article.php | 11 +++++++----
 ecrire/inc/auth.php              |  4 ++--
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/ecrire/action/editer_article.php b/ecrire/action/editer_article.php
index fecd903688..640928e7f7 100644
--- a/ecrire/action/editer_article.php
+++ b/ecrire/action/editer_article.php
@@ -133,17 +133,20 @@ function revisions_articles ($id_article, $c=false) {
 
 	// Changer le statut de l'article ?
 	include_spip('inc/auth');
+
 	auth_rubrique($GLOBALS['auteur_session']['id_auteur'], $GLOBALS['auteur_session']['statut']);
 	$s = spip_query("SELECT statut, id_rubrique FROM spip_articles WHERE id_article=$id_article");
 	$row = spip_fetch_array($s);
 	$id_rubrique = $row['id_rubrique'];
 	$statut = $row['statut'];
 
-	if (_request('statut', $c)
-	AND _request('statut', $c) != $statut) {
+	$s = _request('statut', $c);
+	if ($s AND _request('statut', $c) != $statut) {
 		if (acces_rubrique($id_rubrique))
-			$statut = $champs['statut'] = _request('statut', $c);
-		// else erreur ?
+			$statut = $champs['statut'] = $s;
+		elseif (acces_article($id_article) AND  $s != 'publie')
+			$statut = $champs['statut'] = $s;
+		else spip_log("editer_article $id_article refus " . join(' ', $c));
 	}
 
 	// Verifier que la rubrique demandee existe et est differente
diff --git a/ecrire/inc/auth.php b/ecrire/inc/auth.php
index d4b10e4046..464a6cb68e 100644
--- a/ecrire/inc/auth.php
+++ b/ecrire/inc/auth.php
@@ -42,7 +42,7 @@ function acces_mots() {
 // http://doc.spip.org/@acces_article
 function acces_article($id_article)
 {
-	global $connect_id_auteur, $connect_toutes_rubriques;
+	global $auteur_session, $connect_toutes_rubriques;
 
 	if ($connect_toutes_rubriques) return true;
 
@@ -51,7 +51,7 @@ function acces_article($id_article)
 
 	if (acces_rubrique($row['id_rubrique'])) return true;
 
-	$s = auteurs_article($id_article, " id_auteur=$connect_id_auteur");
+	$s = auteurs_article($id_article, " id_auteur=" . $auteur_session['id_auteur']);
 	if (!spip_num_rows($s)) return false;
 
 	$s = $row['statut'];
-- 
GitLab