Support » Fixing WordPress » users of same levels can edit any comment includin

  • After reading this
    and then fixing it, I decided to check if the same weakness was to be found in comments.
    I made 2 users of the same level (e.g. User A & B) and posted comments on posts that each user made. Next, I logged in as User A and tried to edit comments on User A’s post, which of course worked. As the comments have id’s of their own – id=4/5/etc, I tried to access User B’s comments to edit. And it worked. I even edited comments found on admin’s posts . Basically so long as you know the id of the comment, any user can access and change it.
    As I don’t want this feature, I’m trying to change it so that only the admin can edit everyone’s comments, and the other users can edit their own comments and not other people’s ones.
    Is there some way to do this? I’m guessing this will involve changes in either post.php or edit-comments.php but I’m not sure what to do. Still a newbie at PHP. If anyone can offer a solution, I’d be most grateful. 🙂

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thanks for the post. If anyone has a solution, please let us know. I have passed this along as well.

    No problem. 🙂 And yes, if anyone can offera quick fix for this bug, it’ll be much appreciated.



    This exact problem has me by the goolies, and a lot of other people. I’ve searched endlessly on the web and found hundreds of posts about this problem, but no satisfaction with a solution so far. I wish I knew PHP.


    I asked the same question and apparently there is no solution for v1.2 as far as I can tell. The fix seems to be set for v1.3 though, guess I just have to wait.



Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘users of same levels can edit any comment includin’ is closed to new replies.