mirror of
https://github.com/WordPress/WordPress.git
synced 2024-12-22 09:07:59 +01:00
Introduce WP_List_Table::check_permissions() and WP_List_Table::prepare_items(). Fixes #14596; See #14579
git-svn-id: http://svn.automattic.com/wordpress/trunk@15496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
17cc67eb45
commit
c6056827ed
@ -558,7 +558,7 @@ case 'add-tag' :
|
||||
set_current_screen($_POST['screen']);
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
$table = new WP_Terms_Table( 'ajax' );
|
||||
$table = new WP_Terms_Table();
|
||||
|
||||
$level = 0;
|
||||
$tag_full_name = false;
|
||||
@ -626,7 +626,7 @@ case 'add-comment' :
|
||||
die('-1');
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
$table = new WP_Comments_Table( 'ajax' );
|
||||
$table = new WP_Comments_Table();
|
||||
|
||||
global $comments;
|
||||
|
||||
@ -659,7 +659,7 @@ case 'get-comments' :
|
||||
die('-1');
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
$table = new WP_Comments_Table( 'ajax' );
|
||||
$table = new WP_Comments_Table();
|
||||
|
||||
global $comments;
|
||||
|
||||
@ -685,7 +685,7 @@ case 'replyto-comment' :
|
||||
check_ajax_referer( $action, '_ajax_nonce-replyto-comment' );
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
$table = new WP_Comments_Table( 'ajax' );
|
||||
$table = new WP_Comments_Table();
|
||||
|
||||
$comment_post_ID = (int) $_POST['comment_post_ID'];
|
||||
if ( !current_user_can( 'edit_post', $comment_post_ID ) )
|
||||
@ -776,7 +776,7 @@ case 'edit-comment' :
|
||||
add_filter( 'comment_author', 'floated_admin_avatar' );
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
$table = new WP_Comments_Table( 'ajax' );
|
||||
$table = new WP_Comments_Table();
|
||||
|
||||
ob_start();
|
||||
$table->single_row( $comment_id, $mode, $comments_listing, $checkbox );
|
||||
@ -925,7 +925,7 @@ case 'add-user' :
|
||||
$user_object = new WP_User( $user_id );
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
$table = new WP_Users_Table( 'ajax' );
|
||||
$table = new WP_Users_Table();
|
||||
|
||||
$x = new WP_Ajax_Response( array(
|
||||
'what' => 'user',
|
||||
@ -1218,7 +1218,7 @@ case 'inline-save':
|
||||
edit_post();
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
$table = new WP_Posts_Table( 'ajax' );
|
||||
$table = new WP_Posts_Table();
|
||||
|
||||
$mode = $_POST['post_view'];
|
||||
$table->display_rows( array( get_post( $_POST['post_ID'] ) ) );
|
||||
@ -1228,19 +1228,14 @@ case 'inline-save':
|
||||
case 'inline-save-tax':
|
||||
check_ajax_referer( 'taxinlineeditnonce', '_inline_edit' );
|
||||
|
||||
$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : false;
|
||||
if ( ! $taxonomy )
|
||||
die( __('Cheatin’ uh?') );
|
||||
$tax = get_taxonomy($taxonomy);
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
$table = new WP_Terms_Table();
|
||||
|
||||
if ( ! current_user_can( $tax->cap->edit_terms ) )
|
||||
die( __('Cheatin’ uh?') );
|
||||
$table->check_permissions('edit');
|
||||
|
||||
if ( ! isset($_POST['tax_ID']) || ! ( $id = (int) $_POST['tax_ID'] ) )
|
||||
die(-1);
|
||||
|
||||
$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : 'post_tag';
|
||||
|
||||
$tag = get_term( $id, $taxonomy );
|
||||
$_POST['description'] = $tag->description;
|
||||
|
||||
@ -1253,11 +1248,6 @@ case 'inline-save-tax':
|
||||
die( __('Item not updated.') );
|
||||
}
|
||||
|
||||
set_current_screen( 'edit-' . $taxonomy );
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
$table = new WP_Terms_Table( 'ajax' );
|
||||
|
||||
echo $table->single_row( $tag, 0, $taxonomy );
|
||||
} else {
|
||||
if ( is_wp_error($updated) && $updated->get_error_message() )
|
||||
|
@ -9,8 +9,10 @@
|
||||
/** WordPress Administration Bootstrap */
|
||||
require_once('./admin.php');
|
||||
|
||||
if ( !current_user_can('edit_posts') )
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Comments_Table;
|
||||
$table->check_permissions();
|
||||
|
||||
if ( isset( $_REQUEST['doaction'] ) || isset( $_REQUEST['doaction2'] ) || isset( $_REQUEST['delete_all'] ) || isset( $_REQUEST['delete_all2'] ) ) {
|
||||
check_admin_referer( 'bulk-comments' );
|
||||
@ -95,9 +97,7 @@ if ( isset( $_REQUEST['doaction'] ) || isset( $_REQUEST['doaction2'] ) || isset
|
||||
exit;
|
||||
}
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Comments_Table;
|
||||
$table->prepare_items();
|
||||
|
||||
wp_enqueue_script('admin-comments');
|
||||
enqueue_comment_hotkeys_js();
|
||||
|
@ -12,6 +12,7 @@ require_once('./admin.php');
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Terms_Table;
|
||||
$table->check_permissions();
|
||||
|
||||
$title = $tax->labels->name;
|
||||
|
||||
@ -151,6 +152,8 @@ if ( ! empty($_REQUEST['_wp_http_referer']) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
$table->prepare_items();
|
||||
|
||||
wp_enqueue_script('admin-tags');
|
||||
if ( current_user_can($tax->cap->edit_terms) )
|
||||
wp_enqueue_script('inline-edit-tax');
|
||||
|
@ -12,6 +12,7 @@ require_once( './admin.php' );
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Posts_Table;
|
||||
$table->check_permissions();
|
||||
|
||||
// Back-compat for viewing comments of an entry
|
||||
if ( $_redirect = intval( max( @$_REQUEST['p'], @$_REQUEST['attachment_id'], @$_REQUEST['page_id'] ) ) ) {
|
||||
@ -118,6 +119,8 @@ if ( 'post' != $post_type ) {
|
||||
$post_new_file = 'post-new.php';
|
||||
}
|
||||
|
||||
$table->prepare_items();
|
||||
|
||||
wp_enqueue_script('inline-edit-post');
|
||||
|
||||
$title = $post_type_object->labels->name;
|
||||
|
@ -22,8 +22,8 @@ class WP_Posts_Table extends WP_List_Table {
|
||||
*/
|
||||
var $_hierarchical_display;
|
||||
|
||||
function WP_Posts_Table( $context = 'normal' ) {
|
||||
global $post_type_object, $post_type, $avail_post_stati, $wp_query, $per_page, $mode, $current_screen;
|
||||
function WP_Posts_Table() {
|
||||
global $post_type_object, $post_type, $current_screen;
|
||||
|
||||
if ( !isset( $_REQUEST['post_type'] ) )
|
||||
$post_type = 'post';
|
||||
@ -35,16 +35,21 @@ class WP_Posts_Table extends WP_List_Table {
|
||||
|
||||
$post_type_object = get_post_type_object( $post_type );
|
||||
|
||||
if ( !current_user_can( $post_type_object->cap->edit_posts ) )
|
||||
wp_die( __( 'Cheatin’ uh?' ) );
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => $current_screen,
|
||||
'plural' => 'posts',
|
||||
) );
|
||||
}
|
||||
|
||||
if ( 'normal' != $context )
|
||||
return;
|
||||
function check_permissions() {
|
||||
global $post_type_object;
|
||||
|
||||
if ( !current_user_can( $post_type_object->cap->edit_posts ) )
|
||||
wp_die( __( 'Cheatin’ uh?' ) );
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
global $post_type_object, $post_type, $avail_post_stati, $wp_query, $per_page, $mode;
|
||||
|
||||
$avail_post_stati = wp_edit_posts_query();
|
||||
|
||||
@ -1072,34 +1077,24 @@ class WP_Posts_Table extends WP_List_Table {
|
||||
|
||||
class WP_Media_Table extends WP_List_Table {
|
||||
|
||||
function WP_Media_Table( $context = 'normal' ) {
|
||||
global $wpdb, $wp_query, $detached, $post_mime_types, $avail_post_mime_types;
|
||||
function WP_Media_Table() {
|
||||
global $detached;
|
||||
|
||||
if ( isset( $_REQUEST['find_detached'] ) ) {
|
||||
if ( !current_user_can( 'edit_posts' ) )
|
||||
wp_die( __( 'You are not allowed to scan for lost attachments.' ) );
|
||||
|
||||
$lost = $wpdb->get_col( "
|
||||
SELECT ID FROM $wpdb->posts
|
||||
WHERE post_type = 'attachment' AND post_parent > '0'
|
||||
AND post_parent NOT IN (
|
||||
SELECT ID FROM $wpdb->posts
|
||||
WHERE post_type NOT IN ( 'attachment', '" . join( "', '", get_post_types( array( 'public' => false ) ) ) . "' )
|
||||
)
|
||||
" );
|
||||
|
||||
$_REQUEST['detached'] = 1;
|
||||
}
|
||||
|
||||
$detached = isset( $_REQUEST['detached'] );
|
||||
$detached = isset( $_REQUEST['detached'] ) || isset( $_REQUEST['find_detached'] );
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => $detached ? 'upload-detached' : 'upload',
|
||||
'plural' => 'media'
|
||||
) );
|
||||
}
|
||||
|
||||
if ( 'normal' != $context )
|
||||
return;
|
||||
function check_permissions() {
|
||||
if ( !current_user_can('upload_files') )
|
||||
wp_die( __( 'You do not have permission to upload files.' ) );
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
global $lost, $wpdb, $wp_query, $post_mime_types, $avail_post_mime_types;
|
||||
|
||||
$q = $_REQUEST;
|
||||
|
||||
@ -1357,7 +1352,7 @@ foreach ( $columns as $column_name => $column_display_name ) {
|
||||
<?php
|
||||
} else {
|
||||
?>
|
||||
<td <?php echo $attributes ?>><?php _e( '( Unattached )' ); ?><br />
|
||||
<td <?php echo $attributes ?>><?php _e( '(Unattached)' ); ?><br />
|
||||
<a class="hide-if-no-js" onclick="findPosts.open( 'media[]','<?php echo $post->ID ?>' );return false;" href="#the-list"><?php _e( 'Attach' ); ?></a></td>
|
||||
<?php
|
||||
}
|
||||
@ -1502,19 +1497,10 @@ class WP_Terms_Table extends WP_List_Table {
|
||||
|
||||
var $callback_args;
|
||||
|
||||
function WP_Terms_Table( $context = 'normal' ) {
|
||||
function WP_Terms_Table() {
|
||||
global $post_type, $taxonomy, $tax, $current_screen;
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => $current_screen,
|
||||
'plural' => 'tags',
|
||||
'singular' => 'tag',
|
||||
) );
|
||||
|
||||
if ( 'normal' != $context )
|
||||
return;
|
||||
|
||||
wp_reset_vars( array( 'action', 'tag', 'taxonomy', 'post_type' ) );
|
||||
wp_reset_vars( array( 'action', 'taxonomy', 'post_type' ) );
|
||||
|
||||
if ( empty( $taxonomy ) )
|
||||
$taxonomy = 'post_tag';
|
||||
@ -1524,12 +1510,31 @@ class WP_Terms_Table extends WP_List_Table {
|
||||
|
||||
$tax = get_taxonomy( $taxonomy );
|
||||
|
||||
if ( ! current_user_can( $tax->cap->manage_terms ) )
|
||||
wp_die( __( 'Cheatin’ uh?' ) );
|
||||
|
||||
if ( empty( $post_type ) || !in_array( $post_type, get_post_types( array( 'public' => true ) ) ) )
|
||||
$post_type = 'post';
|
||||
|
||||
if ( !isset( $current_screen ) )
|
||||
set_current_screen( 'edit-' . $taxonomy );
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => $current_screen,
|
||||
'plural' => 'tags',
|
||||
'singular' => 'tag',
|
||||
) );
|
||||
}
|
||||
|
||||
function check_permissions( $type = 'manage' ) {
|
||||
global $tax;
|
||||
|
||||
$cap = 'manage' == $type ? $tax->cap->manage_terms : $tax->cap->edit_terms;
|
||||
|
||||
if ( !current_user_can( $tax->cap->manage_terms ) )
|
||||
wp_die( __( 'Cheatin’ uh?' ) );
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
global $taxonomy;
|
||||
|
||||
$tags_per_page = (int) get_user_option( 'edit_' . $taxonomy . '_per_page' );
|
||||
|
||||
if ( empty( $tags_per_page ) || $tags_per_page < 1 )
|
||||
@ -1851,17 +1856,21 @@ class WP_Terms_Table extends WP_List_Table {
|
||||
|
||||
class WP_Users_Table extends WP_List_Table {
|
||||
|
||||
function WP_Users_Table( $context = 'normal' ) {
|
||||
function WP_Users_Table() {
|
||||
global $role, $usersearch;
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => 'users',
|
||||
'plural' => 'users'
|
||||
) );
|
||||
}
|
||||
|
||||
if ( 'normal' != $context )
|
||||
return;
|
||||
function check_permissions() {
|
||||
if ( !current_user_can('list_users') )
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
$usersearch = isset( $_REQUEST['s'] ) ? $_REQUEST['s'] : '';
|
||||
|
||||
$role = isset( $_REQUEST['role'] ) ? $_REQUEST['role'] : '';
|
||||
@ -2089,21 +2098,25 @@ class WP_Users_Table extends WP_List_Table {
|
||||
|
||||
class WP_Comments_Table extends WP_List_Table {
|
||||
|
||||
function WP_Comments_Table( $context = 'normal' ) {
|
||||
global $comments, $extra_comments, $total_comments, $post_id, $comment_status, $mode;
|
||||
|
||||
$mode = ( empty( $_REQUEST['mode'] ) ) ? 'detail' : $_REQUEST['mode'];
|
||||
|
||||
function WP_Comments_Table() {
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => 'edit-comments',
|
||||
'plural' => 'comments'
|
||||
) );
|
||||
}
|
||||
|
||||
if ( 'normal' != $context )
|
||||
return;
|
||||
function check_permissions() {
|
||||
if ( !current_user_can('edit_posts') )
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
global $comments, $extra_comments, $total_comments, $post_id, $comment_status, $mode;
|
||||
|
||||
$post_id = isset( $_REQUEST['post_ID'] ) ? absint( $_REQUEST['post_ID'] ) : 0;
|
||||
|
||||
$mode = ( empty( $_REQUEST['mode'] ) ) ? 'detail' : $_REQUEST['mode'];
|
||||
|
||||
$comment_status = isset( $_REQUEST['comment_status'] ) ? $_REQUEST['comment_status'] : 'all';
|
||||
if ( !in_array( $comment_status, array( 'all', 'moderated', 'approved', 'spam', 'trash' ) ) )
|
||||
$comment_status = 'all';
|
||||
@ -2508,6 +2521,18 @@ class WP_Comments_Table extends WP_List_Table {
|
||||
class WP_Links_Table extends WP_List_Table {
|
||||
|
||||
function WP_Links_Table() {
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => 'link-manager',
|
||||
'plural' => 'bookmarks',
|
||||
) );
|
||||
}
|
||||
|
||||
function check_permissions() {
|
||||
if ( ! current_user_can( 'manage_links' ) )
|
||||
wp_die( __( 'You do not have sufficient permissions to edit the links for this site.' ) );
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
global $cat_id, $s, $orderby, $order;
|
||||
|
||||
wp_reset_vars( array( 'action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'orderby', 'order', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]', 's' ) );
|
||||
@ -2524,12 +2549,7 @@ class WP_Links_Table extends WP_List_Table {
|
||||
$args['order'] = $order;
|
||||
|
||||
$this->items = get_bookmarks( $args );
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => 'link-manager',
|
||||
'plural' => 'bookmarks',
|
||||
) );
|
||||
}
|
||||
}
|
||||
|
||||
function no_items() {
|
||||
_e( 'No links found.' );
|
||||
@ -2690,15 +2710,22 @@ class WP_Links_Table extends WP_List_Table {
|
||||
class WP_Sites_Table extends WP_List_Table {
|
||||
|
||||
function WP_Sites_Table() {
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => 'ms-sites',
|
||||
'plural' => 'sites',
|
||||
) );
|
||||
}
|
||||
|
||||
function check_permissions() {
|
||||
if ( ! current_user_can( 'manage_sites' ) )
|
||||
wp_die( __( 'You do not have permission to access this page.' ) );
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
global $s, $mode, $wpdb;
|
||||
|
||||
$mode = ( empty( $_REQUEST['mode'] ) ) ? 'list' : $_REQUEST['mode'];
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'callback' => 'site_rows',
|
||||
'screen' => 'ms-sites',
|
||||
) );
|
||||
|
||||
$pagenum = $this->get_pagenum();
|
||||
|
||||
$per_page = (int) get_user_option( 'ms_sites_per_page' );
|
||||
@ -2978,13 +3005,23 @@ class WP_Sites_Table extends WP_List_Table {
|
||||
class WP_MS_Users_Table extends WP_List_Table {
|
||||
|
||||
function WP_MS_Users_Table() {
|
||||
global $s, $mode, $wpdb;
|
||||
|
||||
$mode = ( empty( $_REQUEST['mode'] ) ) ? 'list' : $_REQUEST['mode'];
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => 'ms-users',
|
||||
) );
|
||||
}
|
||||
|
||||
function check_permissions() {
|
||||
if ( !is_multisite() )
|
||||
wp_die( __( 'Multisite support is not enabled.' ) );
|
||||
|
||||
if ( ! current_user_can( 'manage_network_users' ) )
|
||||
wp_die( __( 'You do not have permission to access this page.' ) );
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
global $s, $mode, $wpdb;
|
||||
|
||||
$mode = ( empty( $_REQUEST['mode'] ) ) ? 'list' : $_REQUEST['mode'];
|
||||
|
||||
$pagenum = $this->get_pagenum();
|
||||
|
||||
@ -3201,24 +3238,31 @@ class WP_MS_Users_Table extends WP_List_Table {
|
||||
class WP_Plugins_Table extends WP_List_Table {
|
||||
|
||||
function WP_Plugins_Table() {
|
||||
global $status, $plugins, $totals, $page, $orderby, $order, $s;
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => 'plugins',
|
||||
'plural' => 'plugins',
|
||||
) );
|
||||
}
|
||||
|
||||
function check_permissions() {
|
||||
if ( is_multisite() ) {
|
||||
$menu_perms = get_site_option( 'menu_items', array() );
|
||||
|
||||
if ( empty( $menu_perms['plugins'] ) ) {
|
||||
if ( !is_super_admin() )
|
||||
wp_die( __( 'Cheatin’ uh?' ) );
|
||||
}
|
||||
}
|
||||
|
||||
if ( !current_user_can('activate_plugins') )
|
||||
wp_die( __( 'You do not have sufficient permissions to manage plugins for this site.' ) );
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
global $status, $plugins, $totals, $page, $orderby, $order, $s;
|
||||
|
||||
wp_reset_vars( array( 'orderby', 'order', 's' ) );
|
||||
|
||||
$default_status = get_user_option( 'plugins_last_view' );
|
||||
if ( empty( $default_status ) )
|
||||
$default_status = 'all';
|
||||
$status = isset( $_REQUEST['plugin_status'] ) ? $_REQUEST['plugin_status'] : $default_status;
|
||||
if ( !in_array( $status, array( 'all', 'active', 'inactive', 'recently_activated', 'upgrade', 'network', 'mustuse', 'dropins', 'search' ) ) )
|
||||
$status = 'all';
|
||||
if ( $status != $default_status && 'search' != $status )
|
||||
update_user_meta( get_current_user_id(), 'plugins_last_view', $status );
|
||||
|
||||
$page = $this->get_pagenum();
|
||||
|
||||
$plugins = array(
|
||||
@ -3538,13 +3582,20 @@ class WP_Plugins_Table extends WP_List_Table {
|
||||
class WP_Plugin_Install_Table extends WP_List_Table {
|
||||
|
||||
function WP_Plugin_Install_Table() {
|
||||
include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
|
||||
|
||||
global $tabs, $tab, $paged, $type, $term;
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => 'plugin-install',
|
||||
) );
|
||||
}
|
||||
|
||||
function check_permissions() {
|
||||
if ( ! current_user_can('install_plugins') )
|
||||
wp_die(__('You do not have sufficient permissions to install plugins on this site.'));
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
|
||||
|
||||
global $tabs, $tab, $paged, $type, $term;
|
||||
|
||||
wp_reset_vars( array( 'tab' ) );
|
||||
|
||||
@ -3743,6 +3794,17 @@ class WP_Plugin_Install_Table extends WP_List_Table {
|
||||
class WP_Themes_Table extends WP_List_Table {
|
||||
|
||||
function WP_Themes_Table() {
|
||||
parent::__construct( array(
|
||||
'screen' => 'themes',
|
||||
) );
|
||||
}
|
||||
|
||||
function check_permissions() {
|
||||
if ( !current_user_can('switch_themes') && !current_user_can('edit_theme_options') )
|
||||
wp_die( __( 'Cheatin’ uh?' ) );
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
global $ct;
|
||||
|
||||
$ct = current_theme_info();
|
||||
@ -3758,10 +3820,6 @@ class WP_Themes_Table extends WP_List_Table {
|
||||
|
||||
$this->items = array_slice( $themes, $start, $per_page );
|
||||
|
||||
parent::__construct( array(
|
||||
'screen' => 'themes',
|
||||
) );
|
||||
|
||||
$this->set_pagination_args( array(
|
||||
'query_var' => 'pagenum',
|
||||
'total_items' => count( $themes ),
|
||||
@ -3885,14 +3943,21 @@ foreach ( $cols as $col => $theme_name ) {
|
||||
class WP_Theme_Install_Table extends WP_List_Table {
|
||||
|
||||
function WP_Theme_Install_Table() {
|
||||
include( ABSPATH . 'wp-admin/includes/theme-install.php' );
|
||||
|
||||
global $tabs, $tab, $paged, $type, $term, $theme_field_defaults;
|
||||
|
||||
parent::WP_List_Table( array(
|
||||
'screen' => 'theme-install',
|
||||
) );
|
||||
}
|
||||
|
||||
function check_permissions() {
|
||||
if ( ! current_user_can('install_themes') )
|
||||
wp_die( __( 'You do not have sufficient permissions to install themes on this site.' ) );
|
||||
}
|
||||
|
||||
function prepare_items() {
|
||||
include( ABSPATH . 'wp-admin/includes/theme-install.php' );
|
||||
|
||||
global $tabs, $tab, $paged, $type, $term, $theme_field_defaults;
|
||||
|
||||
wp_reset_vars( array( 'tab' ) );
|
||||
|
||||
$paged = $this->get_pagenum();
|
||||
|
@ -93,6 +93,28 @@ class WP_List_Table {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks the current user's permissions
|
||||
* @uses wp_die()
|
||||
*
|
||||
* @since 3.1.0
|
||||
* @access public
|
||||
*/
|
||||
function check_permissions() {
|
||||
die( 'function WP_List_Table::check_permissions() must be over-ridden in a sub-class.' );
|
||||
}
|
||||
|
||||
/**
|
||||
* Prepares the list of items for displaying.
|
||||
* @uses WP_List_Table::set_pagination_args()
|
||||
*
|
||||
* @since 3.1.0
|
||||
* @access public
|
||||
*/
|
||||
function prepare_items() {
|
||||
die( 'function WP_List_Table::prepare_items() must be over-ridden in a sub-class.' );
|
||||
}
|
||||
|
||||
/**
|
||||
* An internal method that sets all the necessary pagination arguments
|
||||
*
|
||||
@ -568,6 +590,9 @@ class WP_List_Table {
|
||||
* @access public
|
||||
*/
|
||||
function ajax_response() {
|
||||
$this->check_permissions();
|
||||
$this->prepare_items();
|
||||
|
||||
extract( $this->_args );
|
||||
extract( $this->_pagination_args );
|
||||
|
||||
|
@ -9,15 +9,17 @@
|
||||
/** Load WordPress Administration Bootstrap */
|
||||
require_once ('admin.php');
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Links_Table;
|
||||
$table->check_permissions();
|
||||
|
||||
// Handle bulk deletes
|
||||
if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['linkcheck'] ) ) {
|
||||
check_admin_referer( 'bulk-bookmarks' );
|
||||
|
||||
$doaction = $_REQUEST['action'] ? $_REQUEST['action'] : $_REQUEST['action2'];
|
||||
|
||||
if ( ! current_user_can( 'manage_links' ) )
|
||||
wp_die( __( 'You do not have sufficient permissions to edit the links for this site.' ) );
|
||||
|
||||
if ( 'delete' == $doaction ) {
|
||||
$bulklinks = (array) $_REQUEST['linkcheck'];
|
||||
foreach ( $bulklinks as $link_id ) {
|
||||
@ -33,9 +35,7 @@ if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['linkcheck'] ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Links_Table;
|
||||
$table->prepare_items();
|
||||
|
||||
$title = __('Links');
|
||||
$this_file = $parent_file = 'link-manager.php';
|
||||
|
@ -12,8 +12,10 @@ require_once( './admin.php' );
|
||||
if ( ! is_multisite() )
|
||||
wp_die( __( 'Multisite support is not enabled.' ) );
|
||||
|
||||
if ( ! current_user_can( 'manage_sites' ) )
|
||||
wp_die( __( 'You do not have permission to access this page.' ) );
|
||||
require_once( '../includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Sites_Table;
|
||||
$table->check_permissions();
|
||||
|
||||
$title = __( 'Sites' );
|
||||
$parent_file = 'sites.php';
|
||||
@ -348,9 +350,7 @@ switch ( $action ) {
|
||||
// List sites
|
||||
case 'list':
|
||||
default:
|
||||
require_once( '../includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Sites_Table;
|
||||
$table->prepare_items();
|
||||
|
||||
require_once( '../admin-header.php' );
|
||||
?>
|
||||
|
@ -9,11 +9,11 @@
|
||||
|
||||
require_once( './admin.php' );
|
||||
|
||||
if ( !is_multisite() )
|
||||
wp_die( __( 'Multisite support is not enabled.' ) );
|
||||
require_once( '../includes/default-list-tables.php' );
|
||||
|
||||
if ( ! current_user_can( 'manage_network_users' ) )
|
||||
wp_die( __( 'You do not have permission to access this page.' ) );
|
||||
$table = new WP_MS_Users_Table;
|
||||
$table->check_permissions();
|
||||
$table->prepare_items();
|
||||
|
||||
$title = __( 'Users' );
|
||||
$parent_file = 'users.php';
|
||||
@ -32,10 +32,6 @@ add_contextual_help($current_screen,
|
||||
'<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'
|
||||
);
|
||||
|
||||
require_once( '../includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_MS_Users_Table;
|
||||
|
||||
require_once( '../admin-header.php' );
|
||||
|
||||
if ( isset( $_REQUEST['updated'] ) && $_REQUEST['updated'] == 'true' && ! empty( $_REQUEST['action'] ) ) {
|
||||
|
@ -9,12 +9,11 @@
|
||||
/** WordPress Administration Bootstrap */
|
||||
require_once('./admin.php');
|
||||
|
||||
if ( ! current_user_can('install_plugins') )
|
||||
wp_die(__('You do not have sufficient permissions to install plugins on this site.'));
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Plugin_Install_Table;
|
||||
$table->check_permissions();
|
||||
$table->prepare_items();
|
||||
|
||||
$title = __('Install Plugins');
|
||||
$parent_file = 'plugins.php';
|
||||
|
@ -8,17 +8,11 @@
|
||||
|
||||
/** WordPress Administration Bootstrap */
|
||||
require_once('./admin.php');
|
||||
if ( is_multisite() ) {
|
||||
$menu_perms = get_site_option( 'menu_items', array() );
|
||||
|
||||
if ( empty( $menu_perms['plugins'] ) ) {
|
||||
if ( ! is_super_admin() )
|
||||
wp_die( __( 'Cheatin’ uh?' ) );
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! current_user_can( 'activate_plugins' ) )
|
||||
wp_die( __( 'You do not have sufficient permissions to manage plugins for this site.' ) );
|
||||
require_once( ABSPATH . 'wp-admin/includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Plugins_Table;
|
||||
$table->check_permissions();
|
||||
|
||||
if ( isset($_POST['clear-recent-list']) )
|
||||
$action = 'clear-recent-list';
|
||||
@ -299,9 +293,16 @@ if ( !empty($action) ) {
|
||||
}
|
||||
}
|
||||
|
||||
require_once( ABSPATH . 'wp-admin/includes/default-list-tables.php' );
|
||||
$default_status = get_user_option( 'plugins_last_view' );
|
||||
if ( empty( $default_status ) )
|
||||
$default_status = 'all';
|
||||
$status = isset( $_REQUEST['plugin_status'] ) ? $_REQUEST['plugin_status'] : $default_status;
|
||||
if ( !in_array( $status, array( 'all', 'active', 'inactive', 'recently_activated', 'upgrade', 'network', 'mustuse', 'dropins', 'search' ) ) )
|
||||
$status = 'all';
|
||||
if ( $status != $default_status && 'search' != $status )
|
||||
update_user_meta( get_current_user_id(), 'plugins_last_view', $status );
|
||||
|
||||
$table = new WP_Plugins_Table;
|
||||
$table->prepare_items();
|
||||
|
||||
wp_enqueue_script('plugin-install');
|
||||
add_thickbox();
|
||||
|
@ -9,12 +9,11 @@
|
||||
/** WordPress Administration Bootstrap */
|
||||
require_once('./admin.php');
|
||||
|
||||
if ( ! current_user_can('install_themes') )
|
||||
wp_die(__('You do not have sufficient permissions to install themes on this site.'));
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Theme_Install_Table;
|
||||
$table->check_permissions();
|
||||
$table->prepare_items();
|
||||
|
||||
$title = __('Install Themes');
|
||||
$parent_file = 'themes.php';
|
||||
|
@ -9,8 +9,10 @@
|
||||
/** WordPress Administration Bootstrap */
|
||||
require_once('./admin.php');
|
||||
|
||||
if ( !current_user_can('switch_themes') && !current_user_can('edit_theme_options') )
|
||||
wp_die( __( 'Cheatin’ uh?' ) );
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Themes_Table;
|
||||
$table->check_permissions();
|
||||
|
||||
if ( current_user_can('switch_themes') && isset($_GET['action']) ) {
|
||||
if ( 'activate' == $_GET['action'] ) {
|
||||
@ -28,9 +30,7 @@ if ( current_user_can('switch_themes') && isset($_GET['action']) ) {
|
||||
}
|
||||
}
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Themes_Table;
|
||||
$table->prepare_items();
|
||||
|
||||
$title = __('Manage Themes');
|
||||
$parent_file = 'themes.php';
|
||||
|
@ -9,11 +9,30 @@
|
||||
/** WordPress Administration Bootstrap */
|
||||
require_once( './admin.php' );
|
||||
|
||||
if ( !current_user_can('upload_files') )
|
||||
wp_die(__('You do not have permission to upload files.'));
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Media_Table;
|
||||
$table->check_permissions();
|
||||
|
||||
// Handle bulk actions
|
||||
if ( isset( $_REQUEST['found_post_id'] ) && isset( $_REQUEST['media'] ) ) {
|
||||
if ( isset($_REQUEST['find_detached']) ) {
|
||||
check_admin_referer('bulk-media');
|
||||
|
||||
if ( !current_user_can('edit_posts') )
|
||||
wp_die( __('You are not allowed to scan for lost attachments.') );
|
||||
|
||||
$lost = $wpdb->get_col( "
|
||||
SELECT ID FROM $wpdb->posts
|
||||
WHERE post_type = 'attachment' AND post_parent > '0'
|
||||
AND post_parent NOT IN (
|
||||
SELECT ID FROM $wpdb->posts
|
||||
WHERE post_type NOT IN ( 'attachment', '" . join( "', '", get_post_types( array( 'public' => false ) ) ) . "' )
|
||||
)
|
||||
" );
|
||||
|
||||
$_REQUEST['detached'] = 1;
|
||||
|
||||
} elseif ( isset( $_REQUEST['found_post_id'] ) && isset( $_REQUEST['media'] ) ) {
|
||||
check_admin_referer( 'bulk-media' );
|
||||
|
||||
$parent_id = (int) $_REQUEST['found_post_id'];
|
||||
@ -111,9 +130,7 @@ if ( isset( $_REQUEST['found_post_id'] ) && isset( $_REQUEST['media'] ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Media_Table;
|
||||
$table->prepare_items();
|
||||
|
||||
$title = __('Media Library');
|
||||
$parent_file = 'upload.php';
|
||||
|
@ -12,8 +12,10 @@ require_once( './admin.php' );
|
||||
/** WordPress Registration API */
|
||||
require_once( ABSPATH . WPINC . '/registration.php');
|
||||
|
||||
if ( !current_user_can('list_users') )
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Users_Table;
|
||||
$table->check_permissions();
|
||||
|
||||
$title = __('Users');
|
||||
$parent_file = 'users.php';
|
||||
@ -306,9 +308,7 @@ default:
|
||||
exit;
|
||||
}
|
||||
|
||||
require_once( './includes/default-list-tables.php' );
|
||||
|
||||
$table = new WP_Users_Table;
|
||||
$table->prepare_items();
|
||||
|
||||
include('./admin-header.php');
|
||||
|
||||
|
@ -2656,9 +2656,12 @@ function wp_nonce_ays( $action ) {
|
||||
* @param string|array $args Optional arguements to control behaviour.
|
||||
*/
|
||||
function wp_die( $message, $title = '', $args = array() ) {
|
||||
if ( defined( 'DOING_AJAX' ) && DOING_AJAX )
|
||||
die('-1');
|
||||
|
||||
if ( function_exists( 'apply_filters' ) ) {
|
||||
$function = apply_filters( 'wp_die_handler', '_default_wp_die_handler');
|
||||
}else {
|
||||
} else {
|
||||
$function = '_default_wp_die_handler';
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user