WordPress.org

Make WordPress Core


Ignore:
Timestamp:
11/28/2015 06:28:54 PM (5 years ago)
Author:
johnbillion
Message:

Ensure the correct error message is returned when a user attempts to comment on a post to which they do not have access.

Adds more tests.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/comment.php

    r35725 r35745  
    26712671    $status = get_post_status( $post );
    26722672
     2673    if ( ( 'private' == $status ) && ! current_user_can( 'read_post', $comment_post_ID ) ) {
     2674        return new WP_Error( 'comment_id_not_found' );
     2675    }
     2676
    26732677    $status_obj = get_post_status_object( $status );
    26742678
     
    27572761        }
    27582762    } else {
    2759         if ( get_option( 'comment_registration' ) || 'private' == $status ) {
     2763        if ( get_option( 'comment_registration' ) ) {
    27602764            return new WP_Error( 'not_logged_in', __( 'Sorry, you must be logged in to post a comment.' ), 403 );
    27612765        }
Note: See TracChangeset for help on using the changeset viewer.