Changeset 57123
- Timestamp:
- 11/17/2023 05:09:09 PM (14 months ago)
- Location:
- trunk/src/wp-admin/includes
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/includes/class-wp-comments-list-table.php
r57120 r57123 639 639 global $post, $comment; 640 640 641 // Restores the more descriptive, specific name for use within this method. 641 642 $comment = $item; 643 644 if ( $comment->comment_post_ID > 0 ) { 645 $post = get_post( $comment->comment_post_ID ); 646 } 647 648 $edit_post_cap = $post ? 'edit_post' : 'edit_posts'; 649 650 if ( ! current_user_can( $edit_post_cap, $comment->comment_post_ID ) 651 && ( ! empty( $post->post_password ) 652 || ! current_user_can( 'read_post', $comment->comment_post_ID ) ) 653 ) { 654 // The user has no access to the post and thus cannot see the comments. 655 return false; 656 } 642 657 643 658 $the_comment_class = wp_get_comment_status( $comment ); … … 649 664 $the_comment_class = implode( ' ', get_comment_class( $the_comment_class, $comment, $comment->comment_post_ID ) ); 650 665 651 if ( $comment->comment_post_ID > 0 ) {652 $post = get_post( $comment->comment_post_ID );653 }654 655 666 $this->user_can = current_user_can( 'edit_comment', $comment->comment_ID ); 656 657 $edit_post_cap = $post ? 'edit_post' : 'edit_posts';658 if (659 current_user_can( $edit_post_cap, $comment->comment_post_ID ) ||660 (661 empty( $post->post_password ) &&662 current_user_can( 'read_post', $comment->comment_post_ID )663 )664 ) {665 // The user has access to the post and thus can see comments.666 } else {667 return false;668 }669 667 670 668 echo "<tr id='comment-$comment->comment_ID' class='$the_comment_class'>"; -
trunk/src/wp-admin/includes/class-wp-list-table.php
r57120 r57123 829 829 */ 830 830 protected function comments_bubble( $post_id, $pending_comments ) { 831 $post_object = get_post( $post_id ); 832 $edit_post_cap = $post_object ? 'edit_post' : 'edit_posts'; 833 834 if ( ! current_user_can( $edit_post_cap, $post_id ) 835 && ( ! empty( $post_object->post_password ) 836 || ! current_user_can( 'read_post', $post_id ) ) 837 ) { 838 // The user has no access to the post and thus cannot see the comments. 839 return false; 840 } 841 831 842 $approved_comments = get_comments_number(); 832 843 … … 851 862 $pending_comments_number 852 863 ); 853 854 $post_object = get_post( $post_id );855 $edit_post_cap = $post_object ? 'edit_post' : 'edit_posts';856 if (857 current_user_can( $edit_post_cap, $post_id ) ||858 (859 empty( $post_object->post_password ) &&860 current_user_can( 'read_post', $post_id )861 )862 ) {863 // The user has access to the post and thus can see comments.864 } else {865 return false;866 }867 864 868 865 if ( ! $approved_comments && ! $pending_comments ) { -
trunk/src/wp-admin/includes/dashboard.php
r56836 r57123 1089 1089 1090 1090 foreach ( $possible as $comment ) { 1091 if ( ! current_user_can( 'read_post', $comment->comment_post_ID ) ) { 1091 $comment_post = get_post( $comment->comment_post_ID ); 1092 1093 if ( ! current_user_can( 'edit_post', $comment->comment_post_ID ) 1094 && ( ! empty( $comment_post->post_password ) 1095 || ! current_user_can( 'read_post', $comment->comment_post_ID ) ) 1096 ) { 1097 // The user has no access to the post and thus cannot see the comments. 1092 1098 continue; 1093 1099 } … … 1110 1116 echo '<ul id="the-comment-list" data-wp-lists="list:comment">'; 1111 1117 foreach ( $comments as $comment ) { 1112 $comment_post = get_post( $comment->comment_post_ID ); 1113 if ( 1114 current_user_can( 'edit_post', $comment->comment_post_ID ) || 1115 ( 1116 empty( $comment_post->post_password ) && 1117 current_user_can( 'read_post', $comment->comment_post_ID ) 1118 ) 1119 ) { 1120 _wp_dashboard_recent_comments_row( $comment ); 1121 } 1118 _wp_dashboard_recent_comments_row( $comment ); 1122 1119 } 1123 1120 echo '</ul>';
Note: See TracChangeset
for help on using the changeset viewer.