WordPress.org

Make WordPress Core

Changeset 18435


Ignore:
Timestamp:
07/11/2011 09:48:43 PM (9 years ago)
Author:
nacin
Message:

Use edit_comment rather than edit_post in admin-ajax. props ejdanderson, see #17909. for trunk.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/admin-ajax.php

    r18110 r18435  
    322322    if ( !$comment = get_comment( $id ) )
    323323        die( (string) time() );
    324     if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
     324    if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) )
    325325        die('-1');
    326326
     
    458458    }
    459459
    460     if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) && !current_user_can( 'moderate_comments' ) )
     460    if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) && ! current_user_can( 'moderate_comments' ) )
    461461        die('-1');
    462462
     
    613613    ob_start();
    614614    foreach ( $wp_list_table->items as $comment ) {
     615        if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) )
     616            continue;
    615617        get_comment( $comment );
    616618        $wp_list_table->single_row( $comment );
     
    715717    set_current_screen( 'edit-comments' );
    716718
    717     $comment_post_ID = (int) $_POST['comment_post_ID'];
    718     if ( ! current_user_can( 'edit_post', $comment_post_ID ) )
     719    $comment_id = (int) $_POST['comment_ID'];
     720    if ( ! current_user_can( 'edit_comment', $comment_id ) )
    719721        die('-1');
    720722
     
    722724        die( __('Error: please type a comment.') );
    723725
    724     $comment_id = (int) $_POST['comment_ID'];
    725726    $_POST['comment_status'] = $_POST['status'];
    726727    edit_comment();
Note: See TracChangeset for help on using the changeset viewer.