[wp-xmlrpc] possible bug: deleteComment, etc say you're not authorized when comment doesn't exist

Alexander Concha alex at buayacorp.com
Wed Jul 13 16:55:20 UTC 2011


On Wed, Jul 13, 2011 at 6:48 PM, Joseph Scott <joseph at josephscott.org> wrote:
> On Wed, Jul 13, 2011 at 9:25 AM, Alexander Concha <alex at buayacorp.com> wrote:
>> On Wed, Jul 13, 2011 at 5:17 PM, Ryan B <wp-xmlrpc at ryanb.org> wrote:
>>> hi wp-xmlrpc! i noticed an odd behavior today with a few methods like
>>> deleteComment and editComment. if you give them a nonexistent comment
>>> id, they say "you're not allowed to moderate this comment," even when
>>> you are allowed. it seems like they should say the comment doesn't
>>> exist. this seems like a bug, since deletePage, etc do tell you that
>>> the page doesn't exist.
>>>
>>> can you all confirm? if so, i'll gladly send the patch, it's pretty
>>> trivial. thanks!
>>
>> Yes, the condition "if ( ! get_comment($comment_ID) )" should be done first.
>
>
> Correct.  Anyone filed a ticket on this yet?

Apparently not. I will do it.

-- 
Alexander Concha
http://www.buayacorp.com


More information about the wp-xmlrpc mailing list