Changeset 9043 for trunk/src/bp-activity/bp-activity-template.php

Timestamp:

09/25/2014 05:17:36 PM (12 years ago)

Author:

r-a-y

Message:

Activity: Make sure a non-admin can delete their own activity.

Changes in r8697 broke this functionality due to a strict type check. The
activity user ID is a string, while the logged-in user is an integer.

Commit fixes this by typecasting the activity user ID as an integer and
adds a unit test.

Fixes #5900 (trunk).

File:

• trunk/src/bp-activity/bp-activity-template.php (modified) (1 diff)

trunk/src/bp-activity/bp-activity-template.php

@@ -1695 +1695 @@
         // quite powerful, because doing so also deletes all comments to that
         // activity item. We should revisit this eventually.
-        if ( isset( $activity->user_id ) && ( $activity->user_id === bp_loggedin_user_id() ) ) {
+        if ( isset( $activity->user_id ) && ( (int) $activity->user_id === bp_loggedin_user_id() ) ) {
             $can_delete = true;
         }