WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Comments: Use `post_password_required()` for comment capability checks. 

Follow-up to [56836], [57123].

Fixes #59929.
Built from https://develop.svn.wordpress.org/trunk@57285


git-svn-id: http://core.svn.wordpress.org/trunk@56791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2024-01-15 17:42:18 +00:00
parent 368e2fc5cd
commit 50670cd102
4 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/includes/class-wp-comments-list-table.php
View File

@ -648,7 +648,7 @@ class WP_Comments_List_Table extends WP_List_Table {
$edit_post_cap = $post ? 'edit_post' : 'edit_posts'; $edit_post_cap = $post ? 'edit_post' : 'edit_posts';
if ( ! current_user_can( $edit_post_cap, $comment->comment_post_ID ) if ( ! current_user_can( $edit_post_cap, $comment->comment_post_ID )
&& ( ! empty( $post->post_password ) && ( post_password_required( $comment->comment_post_ID )
|| ! current_user_can( 'read_post', $comment->comment_post_ID ) ) || ! current_user_can( 'read_post', $comment->comment_post_ID ) )
) { ) {
// The user has no access to the post and thus cannot see the comments. // The user has no access to the post and thus cannot see the comments.

2
wp-admin/includes/class-wp-list-table.php
View File

@ -832,7 +832,7 @@ class WP_List_Table {
$edit_post_cap = $post_object ? 'edit_post' : 'edit_posts'; $edit_post_cap = $post_object ? 'edit_post' : 'edit_posts';
if ( ! current_user_can( $edit_post_cap, $post_id ) if ( ! current_user_can( $edit_post_cap, $post_id )
&& ( ! empty( $post_object->post_password ) && ( post_password_required( $post_id )
|| ! current_user_can( 'read_post', $post_id ) ) || ! current_user_can( 'read_post', $post_id ) )
) { ) {
// The user has no access to the post and thus cannot see the comments. // The user has no access to the post and thus cannot see the comments.

4
wp-admin/includes/dashboard.php
View File

@ -1088,10 +1088,8 @@ function wp_dashboard_recent_comments( $total_items = 5 ) {
} }
foreach ( $possible as $comment ) { foreach ( $possible as $comment ) {
$comment_post = get_post( $comment->comment_post_ID );
if ( ! current_user_can( 'edit_post', $comment->comment_post_ID ) if ( ! current_user_can( 'edit_post', $comment->comment_post_ID )
&& ( ! empty( $comment_post->post_password ) && ( post_password_required( $comment->comment_post_ID )
|| ! current_user_can( 'read_post', $comment->comment_post_ID ) ) || ! current_user_can( 'read_post', $comment->comment_post_ID ) )
) { ) {
// The user has no access to the post and thus cannot see the comments. // The user has no access to the post and thus cannot see the comments.

2
wp-includes/version.php
View File

@ -16,7 +16,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '6.5-alpha-57284'; $wp_version = '6.5-alpha-57285';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.