Skip to:
Content

bbPress.org

Changeset 5189


Ignore:
Timestamp:
11/25/2013 03:41:20 AM (8 years ago)
Author:
johnjamesjacoby
Message:

Check the $author_id before passing it into bbp_is_user_keymaster() in blacklist and moderation functions. Prevents accidental role escalation if $author_id is empty. See #2393.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/includes/common/functions.php

    r5157 r5189  
    781781
    782782    // Bail if keymaster is author
    783     if ( bbp_is_user_keymaster( $author_id ) )
     783    if ( !empty( $author_id ) && bbp_is_user_keymaster( $author_id ) )
    784784        return true;
    785785
     
    900900
    901901    // Bail if keymaster is author
    902     if ( bbp_is_user_keymaster( $author_id ) )
     902    if ( !empty( $author_id ) && bbp_is_user_keymaster( $author_id ) )
    903903        return true;
    904904
Note: See TracChangeset for help on using the changeset viewer.