[wp-trac] [WordPress Trac] #27137: Remove required user context from `get_edit_post_link()`
WordPress Trac
noreply at wordpress.org
Sat Feb 15 22:49:42 UTC 2014
#27137: Remove required user context from `get_edit_post_link()`
-------------------------------+------------------------------------
Reporter: danielbachhuber | Owner:
Type: defect (bug) | Status: new
Priority: low | Milestone: Awaiting Review
Component: Posts, Post Types | Version:
Severity: minor | Keywords: dev-feedback has-patch
Focuses: |
-------------------------------+------------------------------------
In a manner similar to #27113, `get_edit_post_link()` yields inconsistent
behavior when used without a user context.
For example, when using WP-CLI or a cron system to trigger email
generation, use of `get_edit_post_link()` will return an empty string.
The pattern established in core is to check whether the current user can
edit a given post before calling `get_edit_post_link()` because the
corresponding HTML will be broken otherwise.
Removing the capability check won't introduce a security hole because
WordPress institutes a capability check when loading the link.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/27137>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list