From b677baf5640add3f97afd76983252a462a639c05 Mon Sep 17 00:00:00 2001
From: Ryan Boren <ryan@git.wordpress.org>
Date: Mon, 20 Dec 2010 12:38:21 +0000
Subject: [PATCH] Restrict meta update/delete to the current post. Props
 kawauso. fixes #15276

git-svn-id: https://develop.svn.wordpress.org/trunk@17078 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/includes/post.php | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/wp-admin/includes/post.php b/wp-admin/includes/post.php
index 767c24ad6a..6d0d794af1 100644
--- a/wp-admin/includes/post.php
+++ b/wp-admin/includes/post.php
@@ -192,13 +192,23 @@ function edit_post( $post_data = null ) {
 
 	// Meta Stuff
 	if ( isset($post_data['meta']) && $post_data['meta'] ) {
-		foreach ( $post_data['meta'] as $key => $value )
+		foreach ( $post_data['meta'] as $key => $value ) {
+			if ( !$meta = get_post_meta_by_id( $key ) )
+				continue;
+			if ( $meta->post_id != $post_ID )
+				continue;
 			update_meta( $key, $value['key'], $value['value'] );
+		}
 	}
 
 	if ( isset($post_data['deletemeta']) && $post_data['deletemeta'] ) {
-		foreach ( $post_data['deletemeta'] as $key => $value )
+		foreach ( $post_data['deletemeta'] as $key => $value ) {
+			if ( !$meta = get_post_meta_by_id( $key ) )
+				continue;
+			if ( $meta->post_id != $post_ID )
+				continue;
 			delete_meta( $key );
+		}
 	}
 
 	add_meta( $post_ID );