[wp-trac] Re: [WordPress Trac] #2783: Registered user can't see in
the post their comments awaiting moderation
WordPress Trac
wp-trac at lists.automattic.com
Sun Mar 18 02:33:59 GMT 2007
#2783: Registered user can't see in the post their comments awaiting moderation
-------------------------------------------------+--------------------------
Reporter: west54 | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.2
Component: Administration | Version: 2.0.2
Severity: major | Resolution:
Keywords: Registered User awaiting moderation |
-------------------------------------------------+--------------------------
Comment (by Bobcat):
I found where the bug occurs. It's an incorrect test to see if the
logged-in user has a post that is awaiting moderation. I fixed it as
follows -
At wp-includes/comment-template.php line 290, changed:
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE
comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR (
'''comment_author = '$author_db' AND comment_author_email = '$email_db'
''' AND comment_approved = '0' ) ) ORDER BY comment_date");
To:
'''$xyzzy_user = wp_get_current_user();'''
'''$xyzzy_email = $wpdb->escape($xyzzy_user->user_email);'''
'''$xyzzy_id = $wpdb->escape($xyzzy_user->ID);'''
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE
comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( '''user_ID
= '$xyzzy_id' AND comment_author_email = '$xyzzy_email' ''' AND
comment_approved = '0' ) ) ORDER BY comment_date");
The intent is to check if the logged-in user's ID and email is the same as
the comment author's ID and email. This works when registered users can
create comments. I did not test it for comments created by unregistered
users.
--
Ticket URL: <http://trac.wordpress.org/ticket/2783#comment:6>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list