Skip to:
Content

bbPress.org


Ignore:
Timestamp:
03/29/2013 07:38:19 PM (8 years ago)
Author:
johnjamesjacoby
Message:

In bbp_get_user_id(), do not fallback to 'bbp_user_id' query variable, to prevent accidentally confusing a Guest (anonymous) user with the displayed user, in situations where empty bbp_get_user_id() checks are made. Fixes #2284.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/includes/users/capabilities.php

    r4797 r4831  
    149149    $user      = get_userdata( $user_id );
    150150    $role      = false;
    151     $all_roles = apply_filters( 'editable_roles', $wp_roles->roles );
    152151
    153152    // User has roles so lets
    154153    if ( ! empty( $user->roles ) ) {
    155         $roles = array_intersect( array_values( $user->roles ), array_keys( $all_roles ) );
     154
     155        // Apply the WordPress 'editable_roles' filter to let plugins ride along
     156        $all_roles = apply_filters( 'editable_roles', $wp_roles->roles );
     157
     158        // Look for an intersection of user roles to available blog roles
     159        $roles     = array_intersect( array_values( $user->roles ), array_keys( $all_roles ) );
    156160
    157161        // If there's a role in the array, use the first one
Note: See TracChangeset for help on using the changeset viewer.