mirror of
https://github.com/WordPress/WordPress.git
synced 2024-06-23 13:24:57 +02:00
Provide more helful feedback than just “Cheatin’ uh?” for permission errors in wp-admin/edit-tags.php
.
props ericlewis, kraftbj, lukecarbis, mrmist. fixes #33670. see #14530. Built from https://develop.svn.wordpress.org/trunk@33852 git-svn-id: http://core.svn.wordpress.org/trunk@33820 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
867a449fee
commit
c3b663ad8d
|
@ -17,8 +17,13 @@ $tax = get_taxonomy( $taxnow );
|
|||
if ( ! $tax )
|
||||
wp_die( __( 'Invalid taxonomy' ) );
|
||||
|
||||
if ( ! current_user_can( $tax->cap->manage_terms ) )
|
||||
wp_die( __( 'Cheatin’ uh?' ), 403 );
|
||||
if ( ! current_user_can( $tax->cap->manage_terms ) ) {
|
||||
wp_die(
|
||||
'<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' .
|
||||
'<p>' . __( 'You are not allowed to manage these items.' ) . '</p>',
|
||||
403
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* $post_type is set when the WP_Terms_List_Table instance is created
|
||||
|
@ -53,8 +58,13 @@ case 'add-tag':
|
|||
|
||||
check_admin_referer( 'add-tag', '_wpnonce_add-tag' );
|
||||
|
||||
if ( !current_user_can( $tax->cap->edit_terms ) )
|
||||
wp_die( __( 'Cheatin’ uh?' ), 403 );
|
||||
if ( ! current_user_can( $tax->cap->edit_terms ) ) {
|
||||
wp_die(
|
||||
'<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' .
|
||||
'<p>' . __( 'You are not allowed to add this item.' ) . '</p>',
|
||||
403
|
||||
);
|
||||
}
|
||||
|
||||
$ret = wp_insert_term( $_POST['tag-name'], $taxonomy, $_POST );
|
||||
$location = 'edit-tags.php?taxonomy=' . $taxonomy;
|
||||
|
@ -89,8 +99,13 @@ case 'delete':
|
|||
$tag_ID = (int) $_REQUEST['tag_ID'];
|
||||
check_admin_referer( 'delete-tag_' . $tag_ID );
|
||||
|
||||
if ( !current_user_can( $tax->cap->delete_terms ) )
|
||||
wp_die( __( 'Cheatin’ uh?' ), 403 );
|
||||
if ( ! current_user_can( $tax->cap->delete_terms ) ) {
|
||||
wp_die(
|
||||
'<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' .
|
||||
'<p>' . __( 'You are not allowed to delete this item.' ) . '</p>',
|
||||
403
|
||||
);
|
||||
}
|
||||
|
||||
wp_delete_term( $tag_ID, $taxonomy );
|
||||
|
||||
|
@ -101,8 +116,13 @@ case 'delete':
|
|||
case 'bulk-delete':
|
||||
check_admin_referer( 'bulk-tags' );
|
||||
|
||||
if ( !current_user_can( $tax->cap->delete_terms ) )
|
||||
wp_die( __( 'Cheatin’ uh?' ), 403 );
|
||||
if ( ! current_user_can( $tax->cap->delete_terms ) ) {
|
||||
wp_die(
|
||||
'<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' .
|
||||
'<p>' . __( 'You are not allowed to delete these items.' ) . '</p>',
|
||||
403
|
||||
);
|
||||
}
|
||||
|
||||
$tags = (array) $_REQUEST['delete_tags'];
|
||||
foreach ( $tags as $tag_ID ) {
|
||||
|
@ -139,8 +159,13 @@ case 'editedtag':
|
|||
$tag_ID = (int) $_POST['tag_ID'];
|
||||
check_admin_referer( 'update-tag_' . $tag_ID );
|
||||
|
||||
if ( !current_user_can( $tax->cap->edit_terms ) )
|
||||
wp_die( __( 'Cheatin’ uh?' ), 403 );
|
||||
if ( ! current_user_can( $tax->cap->edit_terms ) ) {
|
||||
wp_die(
|
||||
'<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' .
|
||||
'<p>' . __( 'You are not allowed to edit this item.' ) . '</p>',
|
||||
403
|
||||
);
|
||||
}
|
||||
|
||||
$tag = get_term( $tag_ID, $taxonomy );
|
||||
if ( ! $tag )
|
||||
|
@ -252,8 +277,13 @@ if ( 'category' == $taxonomy || 'link_category' == $taxonomy || 'post_tag' == $t
|
|||
|
||||
require_once( ABSPATH . 'wp-admin/admin-header.php' );
|
||||
|
||||
if ( !current_user_can($tax->cap->edit_terms) )
|
||||
wp_die( __('You are not allowed to edit this item.') );
|
||||
if ( ! current_user_can( $tax->cap->edit_terms ) ) {
|
||||
wp_die(
|
||||
'<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' .
|
||||
'<p>' . __( 'You are not allowed to edit this item.' ) . '</p>',
|
||||
403
|
||||
);
|
||||
}
|
||||
|
||||
$messages = array();
|
||||
$messages['_item'] = array(
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '4.4-alpha-33851';
|
||||
$wp_version = '4.4-alpha-33852';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
|
Loading…
Reference in New Issue
Block a user