[wp-trac] [WordPress Trac] #20846: Multisite: Network Users can post comments without being members of the site
WordPress Trac
wp-trac at lists.automattic.com
Tue Jun 5 14:35:41 UTC 2012
#20846: Multisite: Network Users can post comments without being members of the
site
--------------------------+-----------------------------
Reporter: Ipstenu | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version: 3.0
Severity: normal | Keywords:
--------------------------+-----------------------------
This is probably an 'ever since inception' issue and I can replicate it on
3.4
Setup:
Have a user added to your network but '''not''' to a site
(domain.com/test).
Set up domain.com/test to only allow registered users to comment.
Remember, we've not added this new user to the site, just the network.
Log in as that user and go to domain.com/test
Oh look! You can comment as a 'registered' user.
This should be check for 'Is this a user ''and'', if multisite, is this
user a member of the site?'
It's that or the wording needs to be clearer that anyone registered on the
network can comment.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/20846>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list