Make WordPress Core

Changeset 10970


Ignore:
Timestamp:
04/17/2009 12:48:41 AM (16 years ago)
Author:
azaozz
Message:

Hide email addresses from low privilege users on the comments page, props mrmist, fixes #8801

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/template.php

    r10968 r10970  
    20662066    $post = get_post($comment->comment_post_ID);
    20672067    $the_comment_status = wp_get_comment_status($comment->comment_ID);
     2068    $user_can = current_user_can('edit_post', $post->ID);
    20682069
    20692070    $author_url = get_comment_author_url();
     
    21032104                if ( !$checkbox ) break;
    21042105                echo '<th scope="row" class="check-column">';
    2105                 if ( current_user_can('edit_post', $post->ID) ) echo "<input type='checkbox' name='delete_comments[]' value='$comment->comment_ID' />";
     2106                if ( $user_can ) echo "<input type='checkbox' name='delete_comments[]' value='$comment->comment_ID' />";
    21062107                echo '</th>';
    21072108                break;
     
    21142115                <div id="inline-<?php echo $comment->comment_ID; ?>" class="hidden">
    21152116                <textarea class="comment" rows="3" cols="10"><?php echo $comment->comment_content; ?></textarea>
    2116                 <div class="author-email"><?php echo attribute_escape( $comment->comment_author_email ); ?></div>
    2117                 <div class="author"><?php echo attribute_escape( $comment->comment_author ); ?></div>
     2117                <div class="author-email"><?php if ( $user_can ) echo attribute_escape( $comment->comment_author_email ); ?></div>
     2118                <div class="author"><?php if ( $user_can ) echo attribute_escape( $comment->comment_author ); ?></div>
    21182119                <div class="author-url"><?php echo attribute_escape( $comment->comment_author_url ); ?></div>
    21192120                <div class="comment_status"><?php echo $comment->comment_approved; ?></div>
     
    21222123                $actions = array();
    21232124
    2124                 if ( current_user_can('edit_post', $post->ID) ) {
     2125                if ( $user_can ) {
    21252126                    $actions['approve'] = "<a href='$approve_url' class='dim:the-comment-list:comment-$comment->comment_ID:unapproved:e7e7d3:e7e7d3:new=approved vim-a' title='" . __( 'Approve this comment' ) . "'>" . __( 'Approve' ) . '</a>';
    21262127                    $actions['unapprove'] = "<a href='$unapprove_url' class='dim:the-comment-list:comment-$comment->comment_ID:unapproved:e7e7d3:e7e7d3:new=unapproved vim-u' title='" . __( 'Unapprove this comment' ) . "'>" . __( 'Unapprove' ) . '</a>';
     
    21652166                if ( !empty($author_url) )
    21662167                    echo "<a title='$author_url' href='$author_url'>$author_url_display</a><br />";
    2167                 if ( current_user_can( 'edit_post', $post->ID ) ) {
     2168                if ( $user_can ) {
    21682169                    if ( !empty($comment->comment_author_email) ) {
    21692170                        comment_author_email_link();
     
    21922193                        $pending_comments = $_comment_pending_count[$post->ID] = $_comment_pending_count_temp[$post->ID];
    21932194                    }
    2194                     if ( current_user_can( 'edit_post', $post->ID ) ) {
     2195                    if ( $user_can ) {
    21952196                        $post_link = "<a href='" . get_edit_post_link($post->ID) . "'>";
    21962197                        $post_link .= get_the_title($post->ID) . '</a>';
Note: See TracChangeset for help on using the changeset viewer.