[wp-trac] [WordPress Trac] #5082: Edit Comment capability flipped
WordPress Trac
wp-trac at lists.automattic.com
Wed Sep 26 10:36:13 GMT 2007
#5082: Edit Comment capability flipped
----------------------+-----------------------------------------------------
Reporter: lybica | Owner: anonymous
Type: defect | Status: new
Priority: high | Milestone: 2.3.1
Component: Security | Version: 2.3
Severity: major | Keywords: edit-comments
----------------------+-----------------------------------------------------
Using svn tag/2.3[[BR]]
upgraded from 2.2.3, run upgrade.php[[BR]]
I, as an "Author", can Edit/Delete/Classify-as-Spam comments written by
other Authors, including anonymous ones, but not mine.[[BR]]
In edit-comment.php, [ Edit | ... ] links are present except on my
comments.[[BR]]
I can ''actually edit'' comments by others using edit-comment.php.[[BR]]
Even edit_comment_link() in my theme does the opposite thing.[[BR]]
There must be some flipped logic introduced in 2.3, or screwed up on db
upgrade...?
--
Ticket URL: <http://trac.wordpress.org/ticket/5082>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list