WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Limit post_password exposure. Props josephscott for the patch and xknown for the find. fixes #5535 for 2.4 

git-svn-id: http://svn.automattic.com/wordpress/trunk@6496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2007-12-26 19:50:26 +00:00
parent cfcb483cf7
commit f2ea13fd3b
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
xmlrpc.php
View File

@ -1535,7 +1535,15 @@ class wp_xmlrpc_server extends IXR_Server {
return $this->error;
}
$this_user = set_current_user( 0, $user_login );
foreach ($posts_list as $entry) {
if (
!empty( $entry['post_password'] )
&& !current_user_can( 'edit_post', $entry['ID'] )
) {
unset( $entry['post_password'] );
}
$post_date = mysql2date('Ymd\TH:i:s', $entry['post_date']);
$post_date_gmt = mysql2date('Ymd\TH:i:s', $entry['post_date_gmt']);