Make WordPress Core

Changeset 20424


Ignore:
Timestamp:
04/10/2012 04:19:53 PM (13 years ago)
Author:
duck_
Message:

Don't override the $current_user global in get_currentuserinfo() on an XML-RPC request
if it's non-empty. Fixes capabilities checks for XML-RPC requests. See #20372.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/pluggable.php

    r20410 r20424  
    7474function get_currentuserinfo() {
    7575    global $current_user;
    76 
    77     if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST ) {
    78         wp_set_current_user( 0 );
    79         return false;
    80     }
    8176
    8277    if ( ! empty( $current_user ) ) {
     
    9489        // $current_user has a junk value. Force to WP_User with ID 0.
    9590        $current_user = null;
     91        wp_set_current_user( 0 );
     92        return false;
     93    }
     94
     95    if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST ) {
    9696        wp_set_current_user( 0 );
    9797        return false;
Note: See TracChangeset for help on using the changeset viewer.