diff --git a/wp-admin/css/press-this.css b/wp-admin/css/press-this.css
index 2fb94c933..da7aaeca6 100644
--- a/wp-admin/css/press-this.css
+++ b/wp-admin/css/press-this.css
@@ -16,6 +16,10 @@ img {
 	background: #444 !important;
 }
 
+.tagchecklist span a {
+background: transparent url(../images/xit.gif) no-repeat 0 0;
+}
+
 #poststuff #edButtonPreview,
 #poststuff #edButtonHTML {
 	-moz-border-radius: 3px 3px 0 0;
diff --git a/wp-admin/press-this.php b/wp-admin/press-this.php
index a9524ac79..b7dc41632 100644
--- a/wp-admin/press-this.php
+++ b/wp-admin/press-this.php
@@ -10,7 +10,7 @@
 require_once('admin.php');
 header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
 
-if ( ! current_user_can('publish_posts') ) wp_die( __( 'Cheatin’ uh?' ) );
+if ( ! current_user_can('edit_posts') ) wp_die( __( 'Cheatin’ uh?' ) );
 
 /**
  * Replace forward slash with backslash and slash.
@@ -64,16 +64,14 @@ function press_it() {
 	$post_ID = wp_insert_post($quick, true);
 	$content = $_REQUEST['content'];
 
-	if($_REQUEST['photo_src'])
+	if( $_REQUEST['photo_src'] && current_user_can('upload_files') )
 		foreach( (array) $_REQUEST['photo_src'] as $key => $image)
 			// see if files exist in content - we don't want to upload non-used selected files.
 			if( strpos($_REQUEST['content'], $image) !== false ) {
 				$upload = media_sideload_image($image, $post_ID, $_REQUEST['photo_description'][$key]);
-
-				// Replace the POSTED content <img> with correct uploaded ones.
-				// escape quote for matching
-				$quoted = preg_quote2($image);
-				if( !is_wp_error($upload) ) $content = preg_replace('/<img ([^>]*)src=(\"|\')'.$quoted.'(\2)([^>\/]*)\/*>/is', $upload, $content);
+				
+				// Replace the POSTED content <img> with correct uploaded ones. Regex contains fix for Magic Quotes
+				if( !is_wp_error($upload) ) $content = preg_replace('/<img ([^>]*)src=\\\?(\"|\')'.preg_quote2($image).'\\\?(\2)([^>\/]*)\/*>/is', $upload, $content);
 			}
 
 	// set the post_content and status
@@ -461,7 +459,22 @@ var ajaxurl = '<?php echo admin_url('admin-ajax.php'); ?>';
 
 			<!-- This div holds the photo metadata -->
 			<div class="photolist"></div>
-
+			
+			<div id="submitdiv" class="stuffbox">
+				<h3><?php _e('Publish') ?></h3>
+				<div class="inside">
+					<p>
+						<input class="button" type="submit" name="draft" value="<?php _e('Save Draft') ?>" id="save" />
+						<?php if ( current_user_can('publish_posts') ) { ?>
+							<input class="button-primary" type="submit" name="publish" value="<?php _e('Publish') ?>" id="publish" />
+						<?php } else { ?>
+							<br /><br /><input class="button-primary" type="submit" name="review" value="<?php _e('Submit for Review') ?>" id="review" />
+						<?php } ?>
+						<img src="images/loading-publish.gif" alt="" id="saving" style="display:none;" />
+					</p>
+				</div>
+			</div>
+			
 			<div id="categorydiv" class="stuffbox">
 				<h3><?php _e('Categories') ?></h3>
 				<div class="inside">
@@ -502,16 +515,6 @@ var ajaxurl = '<?php echo admin_url('admin-ajax.php'); ?>';
 					<p class="tagcloud-link"><a href="#titlediv" class="tagcloud-link" id="link-post_tag"><?php _e('Choose from the most used tags in Post Tags'); ?></a></p>
 				</div>
 			</div>
-			<div id="submitdiv" class="stuffbox">
-				<h3><?php _e('Publish') ?></h3>
-				<div class="inside">
-					<p>
-						<input class="button" type="submit" name="draft" value="<?php _e('Save Draft') ?>" id="save" />
-						<input class="button-primary" type="submit" name="publish" value="<?php _e('Publish') ?>" id="publish" />
-						<img src="images/loading-publish.gif" alt="" id="saving" style="display:none;" />
-					</p>
-				</div>
-			</div>
 		</div>
 	</div>
 
@@ -530,9 +533,11 @@ var ajaxurl = '<?php echo admin_url('admin-ajax.php'); ?>';
 
 		<div class="postdivrich">
 			<ul id="actions">
+				
 				<li id="photo_button">
-					Add: <a title="<?php _e('Insert an Image'); ?>" href="#">
+					Add: <?php if ( current_user_can('upload_files') ) { ?><a title="<?php _e('Insert an Image'); ?>" href="#">
 <img alt="<?php _e('Insert an Image'); ?>" src="images/media-button-image.gif"/></a>
+					<?php } ?>
 				</li>
 				<li id="video_button">
 					<a title="<?php _e('Embed a Video'); ?>" href="#"><img alt="<?php _e('Embed a Video'); ?>" src="images/media-button-video.gif"/></a>
diff --git a/wp-admin/tools.php b/wp-admin/tools.php
index 455eddf0a..210489f5b 100644
--- a/wp-admin/tools.php
+++ b/wp-admin/tools.php
@@ -77,7 +77,7 @@ if ( ! $is_opera ) {
 } ?>
 </div>
 
-<?php if ( current_user_can('publish_posts') ) : ?>
+<?php if ( current_user_can('edit_posts') ) : ?>
 <div class="tool-box">
 	<h3 class="title"><?php _e('Press This') ?></h3>
 	<p><?php _e('Press This is a bookmarklet: a little app that runs in your browser and lets you grab bits of the web.');?></p>