id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc 9211,"Recent comments widget with ""private"" and draft entries",menelicte,,"Issue: the wp 2.7.1 standard widget for the latest comments lists comments that are posted to a private entry, even if the user has no private entry reading capability. In this case, if the link is clicked, wordpress does not display the article because the user hasn't privileges. Context: a public multi-author site with commented private pages and posts Solution: If you're interested I've done a bit of changes (2 vars added, query modified) in wp_widget_recent_comments() in the 'wp-includes/widgets.php' file, to check user capabilities and to show only the list of viewable comments. The modified code is this: {{{ function wp_widget_recent_comments($args) { global $wpdb, $comments, $comment; extract($args, EXTR_SKIP); $options = get_option('widget_recent_comments'); $title = empty($options['title']) ? __('Recent Comments') : apply_filters('widget_title', $options['title']); if ( !$number = (int) $options['number'] ) $number = 5; else if ( $number < 1 ) $number = 1; else if ( $number > 15 ) $number = 15; $can_read_priv_posts=current_user_can('read_private_posts')?""OR p.post_type='post'"":""""; //row inserted $can_read_priv_pages=current_user_can('read_private_pages')?""OR p.post_type='page'"":""""; //row inserted if ( !$comments = wp_cache_get( 'recent_comments', 'widget' ) ) { $comments = $wpdb->get_results(""SELECT * FROM $wpdb->comments c LEFT JOIN $wpdb->posts p ON c.comment_post_id = p.ID WHERE c.comment_approved = '1' AND (p.post_status<>'private' $can_read_priv_posts $can_read_priv_pages ) ORDER BY c.comment_date_gmt DESC LIMIT $number""); //row modified wp_cache_add( 'recent_comments', $comments, 'widget' ); } ?>