WordPress.org

Make WordPress Core

Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#5082 closed defect (bug) (invalid)

Edit Comment capability flipped

Reported by: lybica Owned by:
Milestone: Priority: high
Severity: major Version: 2.3
Component: Security Keywords: edit-comments
Focuses: Cc:

Description

Using svn tag/2.3
upgraded from 2.2.3, run upgrade.php

I, as an "Author", can Edit/Delete/Classify-as-Spam comments written by other Authors, including anonymous ones, but not mine.
In edit-comment.php, [ Edit | ... ] links are present except on my comments.
I can actually edit comments by others using edit-comment.php.
Even edit_comment_link() in my theme does the opposite thing.
There must be some flipped logic introduced in 2.3, or screwed up on db upgrade...?

Change History (3)

comment:1 in reply to: ↑ description ; follow-up: bl9687 years ago

Replying to lybica:

I, as an "Author", can Edit/Delete/Classify-as-Spam comments written by other Authors, including anonymous ones, but not mine.
In edit-comment.php, [ Edit | ... ] links are present except on my comments.
I can actually edit comments by others using edit-comment.php.
Even edit_comment_link() in my theme does the opposite thing.
There must be some flipped logic introduced in 2.3, or screwed up on db upgrade...?

Unable to duplicate. Steps attempted on a blog upgraded from 2.2.1 to 2.3.

  • Ran upgrade.php.
  • Created new author.
  • unable to edit other users comments both through the dashboard, through options/manage comments (edit-comment.php), and through the edit_comment_link() in the theme.

Some things to try...

  • Remove your wp-admin directory from your wordpress installation. (rm -rf wp-admin from your blogs home directory.)
  • Extract a fresh wordpress copy to a new sub directory.
  • Move the wp-admin from that directory to the your blogs home directory.
  • See if the problem still exists.
  • If problem still occurs try doing the same procedure with wp-includes.

comment:2 in reply to: ↑ 1 lybica7 years ago

  • Resolution set to invalid
  • Status changed from new to closed

Woo.
I followed your suggestions (deleted wp-admin + wp-includes and svn up'ed again)
and it seems fixed, all happy.

But I swear it was flipped... well anyways.
Thanks.

comment:3 Nazgul7 years ago

  • Milestone 2.3.1 deleted
Note: See TracTickets for help on using tickets.