WordPress.org

Make WordPress Core


Ignore:
Timestamp:
06/21/2016 02:20:46 PM (3 years ago)
Author:
boonebgorges
Message:

Taxonomy: More specific cap check when processing category data on post save.

Ports [37691] to the 4.0 branch.

Props dlh.
Fixes #36379.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/4.0/src/wp-admin/includes/post.php

    r33545 r37782  
    164164        }
    165165        $post_data['post_date_gmt'] = get_gmt_from_date( $post_data['post_date'] );
     166    }
     167
     168    if ( isset( $post_data['post_category'] ) ) {
     169        $category_object = get_taxonomy( 'category' );
     170        if ( ! current_user_can( $category_object->cap->assign_terms ) ) {
     171            unset( $post_data['post_category'] );
     172        }
    166173    }
    167174
Note: See TracChangeset for help on using the changeset viewer.