Make WordPress Core

Changeset 23907


Ignore:
Timestamp:
04/04/2013 06:44:38 PM (11 years ago)
Author:
nacin
Message:

Use get_post() in lieu of direct query in wp_ajax_replyto_comment(). fixes #23940.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/ajax-actions.php

    r23904 r23907  
    725725
    726726    $comment_post_ID = (int) $_POST['comment_post_ID'];
     727    $post = get_post( $comment_post_ID );
     728    if ( ! $post )
     729        wp_die( -1 );
     730
    727731    if ( !current_user_can( 'edit_post', $comment_post_ID ) )
    728732        wp_die( -1 );
    729733
    730     $status = $wpdb->get_var( $wpdb->prepare("SELECT post_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) );
    731 
    732     if ( empty($status) )
     734    if ( empty( $post->post_status ) )
    733735        wp_die( 1 );
    734     elseif ( in_array($status, array('draft', 'pending', 'trash') ) )
     736    elseif ( in_array($post->post_status, array('draft', 'pending', 'trash') ) )
    735737        wp_die( __('ERROR: you are replying to a comment on a draft post.') );
    736738
Note: See TracChangeset for help on using the changeset viewer.