WordPress.org

Make WordPress Core

Ticket #23939: wp_ajax_replyto_comment.patch

File wp_ajax_replyto_comment.patch, 874 bytes (added by fgauthier, 2 years ago)

Replaces the "edit_post" capability by the "edit_comment" capability in wp_ajax_replyto_comment

  • wp-admin/includes/ajax-actions.php

     
    728728        if ( ! $post ) 
    729729                wp_die( -1 ); 
    730730 
    731         if ( !current_user_can( 'edit_post', $comment_post_ID ) ) 
     731        $comment_parent = absint($_POST['comment_ID']); 
     732        if ( !current_user_can( 'edit_comment', $comment_parent ) ) 
    732733                wp_die( -1 ); 
    733734 
    734735        if ( empty( $post->post_status ) ) 
     
    756757        if ( '' == $comment_content ) 
    757758                wp_die( __( 'ERROR: please type a comment.' ) ); 
    758759 
    759         $comment_parent = absint($_POST['comment_ID']); 
    760760        $comment_auto_approved = false; 
    761761        $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); 
    762762