Changeset 12601 for sites/trunk/wordpress.org/public_html/wp-content/plugins/theme-directory/admin-edit.php

Timestamp:

05/23/2023 06:23:01 AM (3 years ago)

Author:

dd32

Message:

Theme Directory: Clarify the permission check to be more readable.

[12600] incorrectly altered how the permission check operates, inverting it accidentally.

$post->post_author is a stringy ID, while $user->ID is an integer, causing the check to originally fail.

File:

• sites/trunk/wordpress.org/public_html/wp-content/plugins/theme-directory/admin-edit.php (modified) (1 diff)

sites/trunk/wordpress.org/public_html/wp-content/plugins/theme-directory/admin-edit.php

@@ -107 +107 @@
 
             // User must be able to edit theme or be the theme owner.
-            if ( ! ( user_can( $user->ID, 'edit_post', $post ) || $user->ID !== $post->post_author ) ) {
+            if ( ! user_can( $user->ID, 'edit_post', $post ) && $user->ID !== intval( $post->post_author ) ) {
                 return [ 'do_not_allow' ];
             }