[wp-trac] [WordPress Trac] #31236: wp_ajax_upload_attachment does not properly handle situation when post_id is set
WordPress Trac
noreply at wordpress.org
Wed Feb 11 06:23:55 UTC 2015
#31236: wp_ajax_upload_attachment does not properly handle situation when post_id
is set
-------------------------------------+------------------
Reporter: johncacpro | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 4.2
Component: Media | Version: 4.1
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses:
-------------------------------------+------------------
Comment (by SergeyBiryukov):
`current_user_can( 'edit_post', $post_id )` is correct, it's used in a lot
places in core. It breaks down to `edit_posts`, `edit_published_posts`, or
`edit_others_posts` for the post type, see [source:tags/4.1/src/wp-
includes/capabilities.php#L1115 map_meta_cap()].
--
Ticket URL: <https://core.trac.wordpress.org/ticket/31236#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list