Ticket #17981: patch-core-17981.diff
| File patch-core-17981.diff, 1.9 KB (added by koke, 23 months ago) |
|---|
-
wp-includes/class-wp-xmlrpc-server.php
989 989 if ( !$user = $this->login($username, $password) ) 990 990 return $this->error; 991 991 992 if ( !current_user_can( 'moderate_comments' ) )993 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );994 995 992 do_action('xmlrpc_call', 'wp.getComment'); 996 993 997 994 if ( ! $comment = get_comment($comment_id) ) 998 995 return new IXR_Error( 404, __( 'Invalid comment ID.' ) ); 999 996 997 if ( !current_user_can( 'moderate_comments' ) && '1' != $comment->comment_approved ) 998 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 999 1000 1000 // Format page date. 1001 1001 $comment_date = mysql2date('Ymd\TH:i:s', $comment->comment_date, false); 1002 1002 $comment_date_gmt = mysql2date('Ymd\TH:i:s', $comment->comment_date_gmt, false); … … 1040 1040 * 1041 1041 * Accepted 'filter' keys are 'status', 'post_id', 'offset', and 'number'. 1042 1042 * 1043 * If the user doesn't have permission to moderate comments, it returns only approved comments. 1044 * 1043 1045 * The defaults are as follows: 1044 1046 * - 'status' - Default is ''. Filter by status (e.g., 'approve', 'hold') 1045 1047 * - 'post_id' - Default is ''. The post where the comment is posted. Empty string shows all comments. … … 1063 1065 if ( !$user = $this->login($username, $password) ) 1064 1066 return $this->error; 1065 1067 1066 if ( !current_user_can( 'moderate_comments' ) )1067 return new IXR_Error( 401, __( 'Sorry, you cannot edit comments.' ) );1068 1069 1068 do_action('xmlrpc_call', 'wp.getComments'); 1070 1069 1071 1070 if ( isset($struct['status']) ) … … 1073 1072 else 1074 1073 $status = ''; 1075 1074 1075 if ( !current_user_can( 'moderate_comments' ) ) 1076 $status = 'approve'; 1077 1076 1078 $post_id = ''; 1077 1079 if ( isset($struct['post_id']) ) 1078 1080 $post_id = absint($struct['post_id']);
