[wp-trac] [WordPress Trac] #11810: Some users able to comment on unpublished posts
WordPress Trac
wp-trac at lists.automattic.com
Thu Jan 7 18:10:00 UTC 2010
#11810: Some users able to comment on unpublished posts
--------------------------+-------------------------------------------------
Reporter: ericmann | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.9.2
Component: Comments | Version: 2.9.1
Severity: normal | Keywords: has-patch needs-testing
--------------------------+-------------------------------------------------
Comment(by filosofo):
Replying to [comment:10 nacin]:
> True, but we still need to cover our bases for a private post.
I thought private posts were already covered?
> Hypothetically, pending status is a type of draft status, while future
is a form of a published post. I don't think there are other restrictions
(in wp-comments-post, admin-ajax, the comments template, etc.) on
commenting on a future post just as long as they have capabilities to see
the post.
Currently you have to be able to edit a particular future post in order to
view it (in WP_Query); it seems to me that more reasonable check for
allowing a comment on a future post would be "read_post," but that would
involve changing the "read_post" logic. This gets complicated...
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11810#comment:12>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list