[wp-trac] Re: [WordPress Trac] #8672: XML RPC method bug in 2.7 in wp_newComment()

WordPress Trac wp-trac at lists.automattic.com
Thu Dec 18 23:52:39 GMT 2008


#8672: XML RPC method bug in 2.7 in wp_newComment()
------------------------------+---------------------------------------------
 Reporter:  screamingtoaster  |        Owner:  josephscott
     Type:  defect (bug)      |       Status:  new        
 Priority:  high              |    Milestone:  2.7.1      
Component:  XML-RPC           |      Version:  2.7        
 Severity:  critical          |   Resolution:             
 Keywords:                    |  
------------------------------+---------------------------------------------
Comment (by josephscott):

 1- I can't replicate this problem, I've confirmed that for an invalid
 username/password code does execute to the !$allow_anon check.  While an
 error is stored in $this->error at the time of the user check failing, it
 isn't used until further into the code.  If you can provide detailed steps
 on how to reproduce the reported problem I'd be happy to help track it
 down.

 2- I don't think we talked about addressing the case where a valid user is
 trying to leave a comment as someone else.  Just before the code block you
 quoted you'll see a check for $logged_in.  If $logged_in is true then we
 always use their account info to populate the author details.  If it's
 false then we populate the comment author details with the values
 provided, if they were provided at all.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/8672#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list