- Timestamp:
- 11/19/2016 01:05:36 AM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
r39305 r39306 374 374 // Limit who can set comment `author`, `author_ip` or `status` to anything other than the default. 375 375 if ( isset( $request['author'] ) && get_current_user_id() !== $request['author'] && ! current_user_can( 'moderate_comments' ) ) { 376 /* translators: %s: request parameter */ 377 return new WP_Error( 'rest_comment_invalid_author', sprintf( __( "Sorry, you are not allowed to edit '%s' for comments." ), 'author' ), array( 'status' => rest_authorization_required_code() ) ); 376 return new WP_Error( 'rest_comment_invalid_author', 377 /* translators: %s: request parameter */ 378 sprintf( __( "Sorry, you are not allowed to edit '%s' for comments." ), 'author' ), 379 array( 'status' => rest_authorization_required_code() ) 380 ); 378 381 } 379 382 380 383 if ( isset( $request['author_ip'] ) && ! current_user_can( 'moderate_comments' ) ) { 381 384 if ( empty( $_SERVER['REMOTE_ADDR'] ) || $request['author_ip'] !== $_SERVER['REMOTE_ADDR'] ) { 382 return new WP_Error( 'rest_comment_invalid_author_ip', __( 'Sorry, you are not allowed to set author_ip for comments.' ), array( 'status' => rest_authorization_required_code() ) ); 385 return new WP_Error( 'rest_comment_invalid_author_ip', 386 /* translators: %s: request parameter */ 387 sprintf( __( "Sorry, you are not allowed to edit '%s' for comments.", 'author_ip' ) ), 388 array( 'status' => rest_authorization_required_code() ) 389 ); 383 390 } 384 391 } 385 392 386 393 if ( isset( $request['status'] ) && ! current_user_can( 'moderate_comments' ) ) { 387 /* translators: %s: request parameter */ 388 return new WP_Error( 'rest_comment_invalid_status', sprintf( __( "Sorry, you are not allowed to edit '%s' for comments." ), 'status' ), array( 'status' => rest_authorization_required_code() ) ); 394 return new WP_Error( 'rest_comment_invalid_status', 395 /* translators: %s: request parameter */ 396 sprintf( __( "Sorry, you are not allowed to edit '%s' for comments." ), 'status' ), 397 array( 'status' => rest_authorization_required_code() ) 398 ); 389 399 } 390 400
Note: See TracChangeset
for help on using the changeset viewer.