sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check for comment existence before checking edit_comment meta cap. props xknown, fixes #18104.

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@18584 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Nacin 2011-08-23 10:22:34 +00:00
parent ee57e82c80
commit 4b3374e66d
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
wp-includes/class-wp-xmlrpc-server.php
View File

@ -1134,14 +1134,14 @@ class wp_xmlrpc_server extends IXR_Server {
if ( !current_user_can( 'moderate_comments' ) ) if ( !current_user_can( 'moderate_comments' ) )
return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
if ( ! get_comment($comment_ID) )
return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
if ( !current_user_can( 'edit_comment', $comment_ID ) ) if ( !current_user_can( 'edit_comment', $comment_ID ) )
return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
do_action('xmlrpc_call', 'wp.deleteComment'); do_action('xmlrpc_call', 'wp.deleteComment');
if ( ! get_comment($comment_ID) )
return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
return wp_delete_comment($comment_ID); return wp_delete_comment($comment_ID);
} }
@ -1184,14 +1184,14 @@ class wp_xmlrpc_server extends IXR_Server {
if ( !current_user_can( 'moderate_comments' ) ) if ( !current_user_can( 'moderate_comments' ) )
return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
if ( ! get_comment($comment_ID) )
return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
if ( !current_user_can( 'edit_comment', $comment_ID ) ) if ( !current_user_can( 'edit_comment', $comment_ID ) )
return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
do_action('xmlrpc_call', 'wp.editComment'); do_action('xmlrpc_call', 'wp.editComment');
if ( ! get_comment($comment_ID) )
return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
if ( isset($content_struct['status']) ) { if ( isset($content_struct['status']) ) {
$statuses = get_comment_statuses(); $statuses = get_comment_statuses();
$statuses = array_keys($statuses); $statuses = array_keys($statuses);