Make WordPress Core


Ignore:
Timestamp:
06/21/2016 02:24:03 PM (8 years ago)
Author:
boonebgorges
Message:

Taxonomy: More specific cap check when processing category data on post save.

Ports [37691] to the 3.7 branch.

Props dlh.
Fixes #36379.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/3.7/src/wp-admin/includes/post.php

    r33548 r37788  
    153153        }
    154154        $post_data['post_date_gmt'] = get_gmt_from_date( $post_data['post_date'] );
     155    }
     156
     157    if ( isset( $post_data['post_category'] ) ) {
     158        $category_object = get_taxonomy( 'category' );
     159        if ( ! current_user_can( $category_object->cap->assign_terms ) ) {
     160            unset( $post_data['post_category'] );
     161        }
    155162    }
    156163
Note: See TracChangeset for help on using the changeset viewer.