From b0a975512a649f91155c5f54ab6edfa6c4ecb54b Mon Sep 17 00:00:00 2001
From: duck_ <duck_@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Tue, 10 Apr 2012 16:19:53 +0000
Subject: [PATCH] Don't override the $current_user global in
 get_currentuserinfo() on an XML-RPC request if it's non-empty. Fixes
 capabilities checks for XML-RPC requests. See #20372.

git-svn-id: http://svn.automattic.com/wordpress/trunk@20424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/pluggable.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index d8b23d80f..e63373002 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -74,11 +74,6 @@ if ( !function_exists('get_currentuserinfo') ) :
 function get_currentuserinfo() {
 	global $current_user;
 
-	if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST ) {
-		wp_set_current_user( 0 );
-		return false;
-	}
-
 	if ( ! empty( $current_user ) ) {
 		if ( $current_user instanceof WP_User )
 			return;
@@ -97,6 +92,11 @@ function get_currentuserinfo() {
 		return false;
 	}
 
+	if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST ) {
+		wp_set_current_user( 0 );
+		return false;
+	}
+
 	if ( ! $user = wp_validate_auth_cookie() ) {
 		 if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[LOGGED_IN_COOKIE] ) || !$user = wp_validate_auth_cookie( $_COOKIE[LOGGED_IN_COOKIE], 'logged_in' ) ) {
 		 	wp_set_current_user( 0 );