From 8daebf1b28aa21ab2ebe84992c2bfac3a9b16efb Mon Sep 17 00:00:00 2001
From: Mike Little <mikelittle@git.wordpress.org>
Date: Thu, 6 Nov 2003 00:34:41 +0000
Subject: [PATCH] Fix for comment deletion priileges. Bug reported by Michael
 Renzmann

git-svn-id: https://develop.svn.wordpress.org/trunk@527 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/wp-post.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/wp-admin/wp-post.php b/wp-admin/wp-post.php
index 49d6207b5f..1f524686cf 100644
--- a/wp-admin/wp-post.php
+++ b/wp-admin/wp-post.php
@@ -350,10 +350,17 @@ switch($action) {
 		if ($user_level == 0)
 			die ('Cheatin&#8217; uh?');
 
+
 		$comment = $HTTP_GET_VARS['comment'];
 		$p = $HTTP_GET_VARS['p'];
+
+		$postdata = get_postdata($p) or die('Oops, no post with this ID. <a href="wp-post.php">Go back</a>!');
 		$commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="wp-post.php">Go back</a>!');
 
+		$authordata = get_userdata($postdata['Author_ID']);
+		if ($user_level < $authordata->user_level)
+			die ('You don&#8217;t have the right to delete <strong>'.$authordata->user_nickname.'</strong>&#8217;s post comments. <a href="wp-post.php">Go back</a>!');
+
 		$result = $wpdb->query("DELETE FROM $tablecomments WHERE comment_ID=$comment");
 
 		if($HTTP_SERVER_VARS['HTTP_REFERER'] != "") {