Make WordPress Core


Ignore:
Timestamp:
08/23/2011 10:22:34 AM (13 years ago)
Author:
nacin
Message:

Check for comment existence before checking edit_comment meta cap. props xknown, fixes #18104.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/class-wp-xmlrpc-server.php

    r18501 r18584  
    11351135            return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
    11361136
     1137        if ( ! get_comment($comment_ID) )
     1138            return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
     1139
    11371140        if ( !current_user_can( 'edit_comment', $comment_ID ) )
    11381141            return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
    11391142
    11401143        do_action('xmlrpc_call', 'wp.deleteComment');
    1141 
    1142         if ( ! get_comment($comment_ID) )
    1143             return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
    11441144
    11451145        return wp_delete_comment($comment_ID);
     
    11851185            return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
    11861186
     1187        if ( ! get_comment($comment_ID) )
     1188            return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
     1189
    11871190        if ( !current_user_can( 'edit_comment', $comment_ID ) )
    11881191            return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
    11891192
    11901193        do_action('xmlrpc_call', 'wp.editComment');
    1191 
    1192         if ( ! get_comment($comment_ID) )
    1193             return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
    11941194
    11951195        if ( isset($content_struct['status']) ) {
Note: See TracChangeset for help on using the changeset viewer.