[wp-trac] [WordPress Trac] #20372: WP_User::exists()
WordPress Trac
wp-trac at lists.automattic.com
Tue Apr 10 15:43:20 UTC 2012
#20372: WP_User::exists()
------------------------------+------------------
Reporter: markjaquith | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: 3.4
Component: Users | Version:
Severity: normal | Resolution:
Keywords: has-patch commit |
------------------------------+------------------
Comment (by duck_):
Replying to [comment:7 nacin]:
> In [20402]:
> {{{
> #!CommitTicketReference repository="" revision="20402"
> wp_set_current_user(0) for XMLRPC_REQUEST in get_currentuserinfo().
Ensures that wp_get_current_user() always returns a WP_User object. see
#20372.
> }}}
As reported by koke in IRC this breaks caps checks during XML-RPC
requests. This is because the call to wp_get_current_user() in
current_user_can() makes get_currentuserinfo() override the user set by
wp_xmlrpc_server::login().
A solution would be to move the XMLRPC_REQUEST block to come after the
check for a non-empty $current_user global, see attached patch.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/20372#comment:13>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list