Make WordPress Core

Ticket #16129: 16129 - 3.2.2.patch

File 16129 - 3.2.2.patch, 721 bytes (added by casben79, 14 years ago)
  • comment.php

     
    3232 * @since 2.0.0
    3333 */
    3434function edit_comment() {
    35         $comment_post_ID = (int) $_POST['comment_post_ID'];
    3635
    37         if (!current_user_can( 'edit_post', $comment_post_ID ))
    38                 wp_die( __('You are not allowed to edit comments on this post, so you cannot edit this comment.' ) );
     36        if ( ! current_user_can( 'edit_comment', (int) $_POST['comment_ID'] ) )
     37                wp_die ( __( 'You are not allowed to edit comments on this post.' ) );
    3938
    4039        $_POST['comment_author'] = $_POST['newcomment_author'];
    4140        $_POST['comment_author_email'] = $_POST['newcomment_author_email'];