#9899 closed enhancement (fixed)
edit_post_link() performs redundant permissions checking
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | 2.8 | Priority: | normal |
| Severity: | normal | Version: | 2.8 |
| Component: | General | Keywords: | has-patch tested |
| Focuses: | Cc: |
Description
edit_post_link() duplicates permission checks that are already (and always) performed in get_edit_post_link().
edit_post_link() has checks to ensure current_user_can('edit_post', $post->ID) (and similar if it's a page). If the user can, then get_edit_post_link() is called, which repeats those checks.
The attached patch has edit_post_link() defer to get_edit_post_link() for the check. This eliminates code duplication and redundant processing, centralizes this permission checking, and removes lines of code; wins all around.
Patch is also compatible with changes I suggested in #9898.
Attachments (1)
Change History (3)
Note: See
TracTickets for help on using
tickets.
Patch as mentioned in original submission.