In Custom_Background and Custom_Header:

* In `->init()`, don't check `current_user_can()` since `add_theme_page()` will return `false` immediately if the cap check fails. 
* Bail if `add_theme_page()` returns `false`
* `wp_check_filetype_and_ext()` doesn't need a 3rd param, it already defaults to `null`. Passing `false` would fail a strict check.

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31116


git-svn-id: http://core.svn.wordpress.org/trunk@31097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Scott Taylor 2015-01-09 21:07:22 +00:00
parent 236d8ae9dc
commit 709698a579
3 changed files with 25 additions and 20 deletions


@ -125,17 +125,20 @@ class Custom_Background {
* @since 3.0.0
*/
public function init() {
if ( ! current_user_can('edit_theme_options') )
$page = add_theme_page( __( 'Background' ), __( 'Background' ), 'edit_theme_options', 'custom-background', array( $this, 'admin_page' ) );
if ( ! $page ) {
return;
}
$this->page = $page = add_theme_page(__('Background'), __('Background'), 'edit_theme_options', 'custom-background', array($this, 'admin_page'));
$this->page = $page;
add_action("load-$page", array($this, 'admin_load'));
add_action("load-$page", array($this, 'take_action'), 49);
add_action("load-$page", array($this, 'handle_upload'), 49);
add_action( "load-$page", array( $this, 'admin_load' ) );
add_action( "load-$page", array( $this, 'take_action' ), 49 );
add_action( "load-$page", array( $this, 'handle_upload' ), 49 );
if ( $this->admin_header_callback )
add_action("admin_head-$page", $this->admin_header_callback, 51);
if ( $this->admin_header_callback ) {
add_action( "admin_head-$page", $this->admin_header_callback, 51 );
}
}
/**
@ -427,7 +430,7 @@ if ( current_theme_supports( 'custom-background', 'default-color' ) )
$overrides = array('test_form' => false);
$uploaded_file = $_FILES['import'];
$wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'], false );
$wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] );
if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) )
wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) );
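Review bot: In `init()`, the `if ( ! $page ) { return; }` guard is now the only visible authorization gate before the `load-$page` hooks for `take_action` and `handle_upload` are registered, and nothing in the code says so. A short comment above the call would keep a later refactor from moving hook registration ahead of it, for example `// add_theme_page() returns false when the user lacks 'edit_theme_options'; bail before registering any handlers.` The same applies to `Custom_Image_Header::init()` in the next file. The handlers themselves are outside this hunk, so it cannot be confirmed here whether they also verify a nonce and capability on their own; they should not rely on hook registration alone.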


@ -143,19 +143,21 @@ class Custom_Image_Header {
* @since 2.1.0
*/
public function init() {
if ( ! current_user_can('edit_theme_options') )
$page = add_theme_page( __( 'Header' ), __( 'Header' ), 'edit_theme_options', 'custom-header', array( $this, 'admin_page' ) );
if ( ! $page ) {
return;
}
$this->page = $page = add_theme_page(__('Header'), __('Header'), 'edit_theme_options', 'custom-header', array($this, 'admin_page'));
add_action("admin_print_scripts-$page", array($this, 'js_includes'));
add_action("admin_print_styles-$page", array($this, 'css_includes'));
add_action("admin_head-$page", array($this, 'help') );
add_action("admin_head-$page", array($this, 'take_action'), 50);
add_action("admin_head-$page", array($this, 'js'), 50);
if ( $this->admin_header_callback )
add_action("admin_head-$page", $this->admin_header_callback, 51);
$this->page = $page;
add_action( "admin_print_scripts-$page", array( $this, 'js_includes' ) );
add_action( "admin_print_styles-$page", array( $this, 'css_includes' ) );
add_action( "admin_head-$page", array( $this, 'help' ) );
add_action( "admin_head-$page", array( $this, 'take_action' ), 50 );
add_action( "admin_head-$page", array( $this, 'js' ), 50 );
if ( $this->admin_header_callback ) {
add_action( "admin_head-$page", $this->admin_header_callback, 51 );
}
}
/**
@ -862,7 +864,7 @@ wp_nonce_field( 'custom-header-options', '_wpnonce-custom-header-options' ); ?>
$overrides = array('test_form' => false);
$uploaded_file = $_FILES['import'];
$wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'], false );
$wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] );
if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) )
wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) );
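Review bot: In the upload hunk, `$_FILES['import']` is dereferenced for `tmp_name` and `name` with no visible check that the key exists or that the upload completed, so a missing or failed upload would reach `wp_check_filetype_and_ext()` with an empty path. The enclosing function starts above the hunk, so an earlier guard may exist; if it does not, reject the request before the assignment, e.g. `if ( empty( $_FILES['import'] ) || UPLOAD_ERR_OK !== $_FILES['import']['error'] ) { wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) ); }`. It is also worth a comment that `name` is client-supplied and that only the `type` key of the result is consulted here; whether `proper_filename` is honoured later is not visible in this hunk. The identical lines in the Custom_Background upload hunk have the same gap.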


@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.2-alpha-31115';
$wp_version = '4.2-alpha-31116';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.