From 9c822fc9b36bb84b8918f416290be5ae2cc1639c Mon Sep 17 00:00:00 2001 From: ryan Date: Thu, 30 Nov 2006 18:38:06 +0000 Subject: [PATCH] Enforce edit_users cap for users.php. Props westi. fixes #3410 git-svn-id: http://svn.automattic.com/wordpress/trunk@4559 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/users.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/wp-admin/users.php b/wp-admin/users.php index 8703f1ec55..c3f4ab01d6 100644 --- a/wp-admin/users.php +++ b/wp-admin/users.php @@ -2,11 +2,11 @@ require_once('admin.php'); require_once( ABSPATH . WPINC . '/registration.php'); +if ( !current_user_can('edit_users') ) + wp_die(__('Cheatin’ uh?')); + $title = __('Users'); -if ( current_user_can('edit_users') ) - $parent_file = 'users.php'; -else - $parent_file = 'profile.php'; +$parent_file = 'users.php'; $action = $_REQUEST['action']; $update = '';