From c9deeed6e9a7c20bec8555d9566bb0b0df2a1a6e Mon Sep 17 00:00:00 2001
From: Andrew Nacin
Date: Thu, 4 Apr 2013 18:44:38 +0000
Subject: [PATCH] Use get_post() in lieu of direct query in wp_ajax_replyto_comment(). fixes #23940.

git-svn-id: https://develop.svn.wordpress.org/trunk@23907 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/includes/ajax-actions.php | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/wp-admin/includes/ajax-actions.php b/wp-admin/includes/ajax-actions.php
index 5e8f670325..9cc67867ba 100644
--- a/wp-admin/includes/ajax-actions.php
+++ b/wp-admin/includes/ajax-actions.php
@@ -724,14 +724,16 @@ function wp_ajax_replyto_comment( $action ) {
 check_ajax_referer( $action, '_ajax_nonce-replyto-comment' );
 $comment_post_ID = (int) $_POST['comment_post_ID'];
+ $post = get_post( $comment_post_ID );
+ if ( ! $post )
+ wp_die( -1 );
+
 if ( !current_user_can( 'edit_post', $comment_post_ID ) )
 wp_die( -1 );
- $status = $wpdb->get_var( $wpdb->prepare("SELECT post_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) );
-
- if ( empty($status) )
+ if ( empty( $post->post_status ) )
 wp_die( 1 );
- elseif ( in_array($status, array('draft', 'pending', 'trash') ) )
+ elseif ( in_array($post->post_status, array('draft', 'pending', 'trash') ) )
 wp_die( __('ERROR: you are replying to a comment on a draft post.') );
 $user = wp_get_current_user();
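Review bot: The new `$post = get_post( $comment_post_ID );` is fed whatever `(int) $_POST['comment_post_ID']` produced, and when that is 0 (missing or non-numeric input) get_post() falls back to the global `$post` instead of returning null, so the new `if ( ! $post )` guard does not by itself reject an absent ID; in an admin-ajax request that global is normally unset, but the check should not depend on it. Rejecting non-positive IDs before the lookup, `if ( $comment_post_ID < 1 ) wp_die( -1 );`, keeps the capability and status checks tied to an explicitly requested post. While here, the retained `in_array( $post->post_status, array( 'draft', 'pending', 'trash' ) )` should pass `true` as its third argument for a strict comparison. wp_ajax_replyto_comment() starts at the hunk header and continues past the end of the hunk.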