WordPress.org
Get WordPress

Make WordPress Core

Ticket #23939: 23939.diff

File 23939.diff, 611 bytes (added by rachelbaker, 11 years ago)

Only check edit_comment if the comment is being approved with reply

  • src/wp-admin/includes/ajax-actions.php

     
    994994                $parent = get_comment( $comment_parent );
    995995
    996996                if ( $parent && $parent->comment_approved === '0' && $parent->comment_post_ID == $comment_post_ID ) {
     997                        if ( ! current_user_can( 'edit_comment', $parent->comment_ID ) ) {
     998                                wp_die( -1 );
     999                        }
     1000
    9971001                        if ( wp_set_comment_status( $parent->comment_ID, 'approve' ) )
    9981002                                $comment_auto_approved = true;
    9991003                }