WordPress.org

Make WordPress Core

Changeset 10970


Ignore:
Timestamp:
04/17/09 00:48:41 (5 years ago)
Author:
azaozz
Message:

Hide email addresses from low privilege users on the comments page, props mrmist, fixes #8801

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/template.php

    r10968 r10970  
    20662066    $post = get_post($comment->comment_post_ID); 
    20672067    $the_comment_status = wp_get_comment_status($comment->comment_ID); 
     2068    $user_can = current_user_can('edit_post', $post->ID); 
    20682069 
    20692070    $author_url = get_comment_author_url(); 
     
    21032104                if ( !$checkbox ) break; 
    21042105                echo '<th scope="row" class="check-column">'; 
    2105                 if ( current_user_can('edit_post', $post->ID) ) echo "<input type='checkbox' name='delete_comments[]' value='$comment->comment_ID' />"; 
     2106                if ( $user_can ) echo "<input type='checkbox' name='delete_comments[]' value='$comment->comment_ID' />"; 
    21062107                echo '</th>'; 
    21072108                break; 
     
    21142115                <div id="inline-<?php echo $comment->comment_ID; ?>" class="hidden"> 
    21152116                <textarea class="comment" rows="3" cols="10"><?php echo $comment->comment_content; ?></textarea> 
    2116                 <div class="author-email"><?php echo attribute_escape( $comment->comment_author_email ); ?></div> 
    2117                 <div class="author"><?php echo attribute_escape( $comment->comment_author ); ?></div> 
     2117                <div class="author-email"><?php if ( $user_can ) echo attribute_escape( $comment->comment_author_email ); ?></div> 
     2118                <div class="author"><?php if ( $user_can ) echo attribute_escape( $comment->comment_author ); ?></div> 
    21182119                <div class="author-url"><?php echo attribute_escape( $comment->comment_author_url ); ?></div> 
    21192120                <div class="comment_status"><?php echo $comment->comment_approved; ?></div> 
     
    21222123                $actions = array(); 
    21232124 
    2124                 if ( current_user_can('edit_post', $post->ID) ) { 
     2125                if ( $user_can ) { 
    21252126                    $actions['approve'] = "<a href='$approve_url' class='dim:the-comment-list:comment-$comment->comment_ID:unapproved:e7e7d3:e7e7d3:new=approved vim-a' title='" . __( 'Approve this comment' ) . "'>" . __( 'Approve' ) . '</a>'; 
    21262127                    $actions['unapprove'] = "<a href='$unapprove_url' class='dim:the-comment-list:comment-$comment->comment_ID:unapproved:e7e7d3:e7e7d3:new=unapproved vim-u' title='" . __( 'Unapprove this comment' ) . "'>" . __( 'Unapprove' ) . '</a>'; 
     
    21652166                if ( !empty($author_url) ) 
    21662167                    echo "<a title='$author_url' href='$author_url'>$author_url_display</a><br />"; 
    2167                 if ( current_user_can( 'edit_post', $post->ID ) ) { 
     2168                if ( $user_can ) { 
    21682169                    if ( !empty($comment->comment_author_email) ) { 
    21692170                        comment_author_email_link(); 
     
    21922193                        $pending_comments = $_comment_pending_count[$post->ID] = $_comment_pending_count_temp[$post->ID]; 
    21932194                    } 
    2194                     if ( current_user_can( 'edit_post', $post->ID ) ) { 
     2195                    if ( $user_can ) { 
    21952196                        $post_link = "<a href='" . get_edit_post_link($post->ID) . "'>"; 
    21962197                        $post_link .= get_the_title($post->ID) . '</a>'; 
Note: See TracChangeset for help on using the changeset viewer.