WordPress.org

Make WordPress Core

Ticket #14520: edit_comment.2.diff

File edit_comment.2.diff, 7.0 KB (added by scribu, 4 years ago)

use edit_comment in more places

  • wp-includes/link-template.php

     
    874874 * @return string 
    875875 */ 
    876876function get_edit_comment_link( $comment_id = 0 ) { 
    877         $comment = &get_comment( $comment_id ); 
    878         $post = &get_post( $comment->comment_post_ID ); 
     877        if ( !current_user_can('edit_comment', $comment_id) ) 
     878                return; 
    879879 
    880         if ( $post->post_type == 'page' ) { 
    881                 if ( !current_user_can( 'edit_page', $post->ID ) ) 
    882                         return; 
    883         } else { 
    884                 if ( !current_user_can( 'edit_post', $post->ID ) ) 
    885                         return; 
    886         } 
    887  
    888         $location = admin_url('comment.php?action=editcomment&c=') . $comment->comment_ID; 
     880        $location = admin_url('comment.php?action=editcomment&c=') . $comment_id; 
    889881        return apply_filters( 'get_edit_comment_link', $location ); 
    890882} 
    891883 
     
    900892 * @return string|null HTML content, if $echo is set to false. 
    901893 */ 
    902894function edit_comment_link( $link = null, $before = '', $after = '' ) { 
    903         global $comment, $post; 
     895        global $comment; 
    904896 
    905         if ( $post->post_type == 'page' ) { 
    906                 if ( !current_user_can( 'edit_page', $post->ID ) ) 
    907                         return; 
    908         } else { 
    909                 if ( !current_user_can( 'edit_post', $post->ID ) ) 
    910                         return; 
    911         } 
     897        if ( !current_user_can('edit_comment', $comment->comment_ID) ) 
     898                return; 
    912899 
    913900        if ( null === $link ) 
    914901                $link = __('Edit This'); 
  • wp-includes/capabilities.php

     
    990990                else 
    991991                        $caps[] = 'read_private_pages'; 
    992992                break; 
     993        case 'edit_comment': 
     994                $caps[] = 'edit_published_posts'; 
     995 
     996                $comment = get_comment( $args[0] ); 
     997 
     998                if ( $comment->user_id != $user_id ) 
     999                        $caps[] = 'moderate_comments'; 
     1000                break; 
    9931001        case 'unfiltered_upload': 
    9941002                if ( defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS && ( !is_multisite() || is_super_admin( $user_id ) )  ) 
    9951003                        $caps[] = $cap; 
  • wp-admin/includes/dashboard.php

     
    586586        $comment_link = '<a class="comment-link" href="' . esc_url(get_comment_link()) . '">#</a>'; 
    587587 
    588588        $actions_string = ''; 
    589         if ( current_user_can('edit_post', $comment->comment_post_ID) ) { 
     589        if ( current_user_can('edit_comment', $comment->comment_ID) ) { 
    590590                // preorder it: Approve | Reply | Edit | Spam | Trash 
    591591                $actions = array( 
    592592                        'approve' => '', 'unapprove' => '', 
  • wp-admin/includes/template.php

     
    20042004        $comment = get_comment( $comment_id ); 
    20052005        $post = get_post($comment->comment_post_ID); 
    20062006        $the_comment_status = wp_get_comment_status($comment->comment_ID); 
    2007         $post_type_object = get_post_type_object($post->post_type); 
    2008         $user_can = current_user_can($post_type_object->cap->edit_post, $post->ID); 
     2007        $user_can = current_user_can('edit_comment', $comment_id); 
    20092008 
    20102009        $comment_url = esc_url(get_comment_link($comment->comment_ID)); 
    20112010        $author_url = get_comment_author_url(); 
     
    20252024                $del_nonce = esc_html( '_wpnonce=' . wp_create_nonce( "delete-comment_$comment->comment_ID" ) ); 
    20262025                $approve_nonce = esc_html( '_wpnonce=' . wp_create_nonce( "approve-comment_$comment->comment_ID" ) ); 
    20272026 
    2028                 $approve_url = esc_url( "comment.php?action=approvecomment&p=$post->ID&c=$comment->comment_ID&$approve_nonce" ); 
    2029                 $unapprove_url = esc_url( "comment.php?action=unapprovecomment&p=$post->ID&c=$comment->comment_ID&$approve_nonce" ); 
    2030                 $spam_url = esc_url( "comment.php?action=spamcomment&p=$post->ID&c=$comment->comment_ID&$del_nonce" ); 
    2031                 $unspam_url = esc_url( "comment.php?action=unspamcomment&p=$post->ID&c=$comment->comment_ID&$del_nonce" ); 
    2032                 $trash_url = esc_url( "comment.php?action=trashcomment&p=$post->ID&c=$comment->comment_ID&$del_nonce" ); 
    2033                 $untrash_url = esc_url( "comment.php?action=untrashcomment&p=$post->ID&c=$comment->comment_ID&$del_nonce" ); 
    2034                 $delete_url = esc_url( "comment.php?action=deletecomment&p=$post->ID&c=$comment->comment_ID&$del_nonce" ); 
     2027                $approve_url = esc_url( "comment.php?action=approvecomment&c=$comment->comment_ID&$approve_nonce" ); 
     2028                $unapprove_url = esc_url( "comment.php?action=unapprovecomment&c=$comment->comment_ID&$approve_nonce" ); 
     2029                $spam_url = esc_url( "comment.php?action=spamcomment&c=$comment->comment_ID&$del_nonce" ); 
     2030                $unspam_url = esc_url( "comment.php?action=unspamcomment&c=$comment->comment_ID&$del_nonce" ); 
     2031                $trash_url = esc_url( "comment.php?action=trashcomment&c=$comment->comment_ID&$del_nonce" ); 
     2032                $untrash_url = esc_url( "comment.php?action=untrashcomment&c=$comment->comment_ID&$del_nonce" ); 
     2033                $delete_url = esc_url( "comment.php?action=deletecomment&c=$comment->comment_ID&$del_nonce" ); 
    20352034        } 
    20362035 
    20372036        echo "<tr id='comment-$comment->comment_ID' class='$the_comment_status'>"; 
  • wp-admin/comment.php

     
    6060        if ( !$comment = get_comment( $comment_id ) ) 
    6161                comment_footer_die( __('Oops, no comment with this ID.') . sprintf(' <a href="%s">'.__('Go back').'</a>!', 'javascript:history.go(-1)') ); 
    6262 
    63         if ( !current_user_can('edit_post', $comment->comment_post_ID) ) 
    64                 comment_footer_die( __('You are not allowed to edit comments on this post.') ); 
     63        if ( !current_user_can('edit_comment', $comment_id) ) 
     64                comment_footer_die( __('You are not allowed to edit this comment.') ); 
    6565 
    6666        if ( 'trash' == $comment->comment_approved ) 
    6767                comment_footer_die( __('This comment is in the Trash. Please move it out of the Trash if you want to edit it.') ); 
     
    8484                die(); 
    8585        } 
    8686 
    87         if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) ) { 
     87        if ( !current_user_can( 'edit_comment', $comment->comment_ID ) ) { 
    8888                wp_redirect( admin_url('edit-comments.php?error=2') ); 
    8989                die(); 
    9090        } 
     
    184184 
    185185<?php wp_nonce_field( $nonce_action ); ?> 
    186186<input type='hidden' name='action' value='<?php echo esc_attr($formaction); ?>' /> 
    187 <input type='hidden' name='p' value='<?php echo esc_attr($comment->comment_post_ID); ?>' /> 
    188187<input type='hidden' name='c' value='<?php echo esc_attr($comment->comment_ID); ?>' /> 
    189188<input type='hidden' name='noredir' value='1' /> 
    190189</form> 
     
    212211 
    213212        if ( !$comment = get_comment($comment_id) ) 
    214213                comment_footer_die( __('Oops, no comment with this ID.') . sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit-comments.php') ); 
    215         if ( !current_user_can('edit_post', $comment->comment_post_ID ) ) 
     214        if ( !current_user_can('edit_comment', $comment->comment_ID ) ) 
    216215                comment_footer_die( __('You are not allowed to edit comments on this post.') ); 
    217216 
    218217        if ( '' != wp_get_referer() && ! $noredir && false === strpos(wp_get_referer(), 'comment.php') )