Cap migration.
git-svn-id: http://svn.automattic.com/wordpress/trunk@2720 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
4260709314
commit
1e5d0b0736
|
@ -2,7 +2,7 @@
|
||||||
$mode = 'bookmarklet';
|
$mode = 'bookmarklet';
|
||||||
require_once('admin.php');
|
require_once('admin.php');
|
||||||
|
|
||||||
if ($user_level == 0)
|
if ( ! current_user_can('edit_posts') )
|
||||||
die ("Cheatin' uh?");
|
die ("Cheatin' uh?");
|
||||||
|
|
||||||
if ('b' == $a) {
|
if ('b' == $a) {
|
||||||
|
|
|
@ -3,25 +3,13 @@ require_once('admin.php');
|
||||||
$title = __('Pages');
|
$title = __('Pages');
|
||||||
$parent_file = 'edit.php';
|
$parent_file = 'edit.php';
|
||||||
require_once('admin-header.php');
|
require_once('admin-header.php');
|
||||||
|
|
||||||
get_currentuserinfo();
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<div class="wrap">
|
<div class="wrap">
|
||||||
<h2><?php _e('Page Management'); ?></h2>
|
<h2><?php _e('Page Management'); ?></h2>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
/*
|
$posts = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static'");
|
||||||
if (isset($user_ID) && ('' != intval($user_ID))) {
|
|
||||||
$posts = $wpdb->get_results("
|
|
||||||
SELECT $wpdb->posts.*, $wpdb->users.user_level FROM $wpdb->posts
|
|
||||||
INNER JOIN $wpdb->users ON ($wpdb->posts.post_author = $wpdb->users.ID)
|
|
||||||
WHERE $wpdb->posts.post_status = 'static'
|
|
||||||
AND ($wpdb->users.user_level < $user_level OR $wpdb->posts.post_author = $user_ID)
|
|
||||||
");
|
|
||||||
} else { */
|
|
||||||
$posts = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static'");
|
|
||||||
// } FIXME
|
|
||||||
|
|
||||||
if ($posts) {
|
if ($posts) {
|
||||||
?>
|
?>
|
||||||
|
|
|
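Review bot: The new unconditional `SELECT * FROM $wpdb->posts WHERE post_status = 'static'` runs with no capability check visible in this hunk, and the removed commented-out block held the only per-author filter. If the included admin files do not already gate this page, add a guard before the query, e.g. `if ( ! current_user_can('edit_pages') ) die(__('You do not have permission to manage pages.'));`. The `edit_pages` name is taken from the role arrays changed elsewhere in this commit. The menu check on `$item[1]` appears to decide only which entries are displayed, so it would not cover a direct request to this file.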
@ -7,8 +7,6 @@ require_once('admin-header.php');
|
||||||
|
|
||||||
$_GET['m'] = (int) $_GET['m'];
|
$_GET['m'] = (int) $_GET['m'];
|
||||||
|
|
||||||
get_currentuserinfo();
|
|
||||||
|
|
||||||
$drafts = get_users_drafts( $user_ID );
|
$drafts = get_users_drafts( $user_ID );
|
||||||
$other_drafts = get_others_drafts( $user_ID);
|
$other_drafts = get_others_drafts( $user_ID);
|
||||||
|
|
||||||
|
@ -255,7 +253,7 @@ $comment_status = wp_get_comment_status($comment->comment_ID);
|
||||||
if ( current_user_can('edit_post', $post->ID) ) {
|
if ( current_user_can('edit_post', $post->ID) ) {
|
||||||
echo "[ <a href=\"post.php?action=editcomment&comment=".$comment->comment_ID."\">" . __('Edit') . "</a>";
|
echo "[ <a href=\"post.php?action=editcomment&comment=".$comment->comment_ID."\">" . __('Edit') . "</a>";
|
||||||
echo " - <a href=\"post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n \'OK\' to delete, \'Cancel\' to stop."), $comment->comment_author) . "')\">" . __('Delete') . "</a> ";
|
echo " - <a href=\"post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n \'OK\' to delete, \'Cancel\' to stop."), $comment->comment_author) . "')\">" . __('Delete') . "</a> ";
|
||||||
if ( ('none' != $comment_status) && ($user_level >= 3) ) {
|
if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
|
||||||
if ('approved' == wp_get_comment_status($comment->comment_ID)) {
|
if ('approved' == wp_get_comment_status($comment->comment_ID)) {
|
||||||
echo " - <a href=\"post.php?action=unapprovecomment&p=".$post->ID."&comment=".$comment->comment_ID."\">" . __('Unapprove') . "</a> ";
|
echo " - <a href=\"post.php?action=unapprovecomment&p=".$post->ID."&comment=".$comment->comment_ID."\">" . __('Unapprove') . "</a> ";
|
||||||
} else {
|
} else {
|
||||||
|
|
|
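Review bot: The `current_user_can('moderate_comments')` test added around the Unapprove link only controls whether the link is printed; it is not an access check on the action itself. The handler behind `post.php?action=unapprovecomment` is not part of this hunk, so confirm it repeats the same capability test. A comment here would record that, e.g. `// Display only: post.php must re-check moderate_comments before changing status.` The enclosing block starts and ends outside the hunk.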
@ -8,7 +8,7 @@ get_admin_page_parent();
|
||||||
foreach ($menu as $item) {
|
foreach ($menu as $item) {
|
||||||
$class = '';
|
$class = '';
|
||||||
|
|
||||||
// 0 = name, 1 = user_level, 2 = file
|
// 0 = name, 1 = capability, 2 = file
|
||||||
if (( strcmp($self, $item[2]) == 0 && empty($parent_file)) || ($parent_file && ($item[2] == $parent_file))) $class = ' class="current"';
|
if (( strcmp($self, $item[2]) == 0 && empty($parent_file)) || ($parent_file && ($item[2] == $parent_file))) $class = ' class="current"';
|
||||||
|
|
||||||
if ( current_user_can($item[1]) ) {
|
if ( current_user_can($item[1]) ) {
|
||||||
|
|
|
@ -31,9 +31,8 @@ switch($action) {
|
||||||
|
|
||||||
case 'update':
|
case 'update':
|
||||||
|
|
||||||
if ($user_level < 3) {
|
if ( ! current_user_can('moderate_comments') )
|
||||||
die(__('<p>Your level is not high enough to moderate comments.</p>'));
|
die(__('<p>Your level is not high enough to moderate comments.</p>'));
|
||||||
}
|
|
||||||
|
|
||||||
$item_ignored = 0;
|
$item_ignored = 0;
|
||||||
$item_deleted = 0;
|
$item_deleted = 0;
|
||||||
|
@ -119,7 +118,7 @@ if ( isset($_GET['deleted']) || isset($_GET['approved']) || isset($_GET['ignored
|
||||||
<div class="wrap">
|
<div class="wrap">
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
if ($user_level > 3)
|
if ( current_user_can('moderate_comments') )
|
||||||
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0'");
|
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0'");
|
||||||
else
|
else
|
||||||
$comments = '';
|
$comments = '';
|
||||||
|
|
|
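Review bot: The `die()` text under the new `! current_user_can('moderate_comments')` check in the `update` case still says "Your level is not high enough", which no longer describes a capability-based denial. Suggest `die(__('<p>You do not have permission to moderate comments.</p>'));`. The commit message could also note a behaviour change: the old list check was `$user_level > 3` while the update check denied only `< 3`, so a level-3 user could submit moderation but not see the queue. The single capability removes that mismatch and changes who sees pending comments.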
@ -58,8 +58,6 @@ break;
|
||||||
|
|
||||||
case 'update':
|
case 'update':
|
||||||
|
|
||||||
get_currentuserinfo();
|
|
||||||
|
|
||||||
/* checking the nickname has been typed */
|
/* checking the nickname has been typed */
|
||||||
if (empty($_POST["newuser_nickname"])) {
|
if (empty($_POST["newuser_nickname"])) {
|
||||||
die (__("<strong>ERROR</strong>: please enter your nickname (can be the same as your username)"));
|
die (__("<strong>ERROR</strong>: please enter your nickname (can be the same as your username)"));
|
||||||
|
@ -276,7 +274,7 @@ if ( $show_password_fields ) :
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
||||||
<?php if ($is_gecko && $profiledata->user_level != 0) { ?>
|
<?php if ( $is_gecko && current_user_can('edit_posts') ) { ?>
|
||||||
<div class="wrap">
|
<div class="wrap">
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
//<![CDATA[
|
//<![CDATA[
|
||||||
|
|
|
@ -3,9 +3,7 @@ $mode = 'sidebar';
|
||||||
|
|
||||||
require_once('admin.php');
|
require_once('admin.php');
|
||||||
|
|
||||||
get_currentuserinfo();
|
if ( ! current_user_can('edit_posts') )
|
||||||
|
|
||||||
if ($user_level == 0)
|
|
||||||
die ("Cheatin' uh ?");
|
die ("Cheatin' uh ?");
|
||||||
|
|
||||||
if ('b' == $_GET['a']) {
|
if ('b' == $_GET['a']) {
|
||||||
|
|
|
@ -36,9 +36,8 @@ switch($action) {
|
||||||
|
|
||||||
case 'update':
|
case 'update':
|
||||||
|
|
||||||
if ($user_level < 5) {
|
if ( ! current_user_can('edit_files') )
|
||||||
die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
|
die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
|
||||||
}
|
|
||||||
|
|
||||||
$newcontent = stripslashes($_POST['newcontent']);
|
$newcontent = stripslashes($_POST['newcontent']);
|
||||||
if (is_writeable($real_file)) {
|
if (is_writeable($real_file)) {
|
||||||
|
@ -57,7 +56,8 @@ break;
|
||||||
default:
|
default:
|
||||||
|
|
||||||
require_once('./admin-header.php');
|
require_once('./admin-header.php');
|
||||||
if ( $user_level <= 5 )
|
|
||||||
|
if ( ! current_user_can('edit_files') )
|
||||||
die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
|
die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
|
||||||
|
|
||||||
if ( strstr( $file, 'wp-config.php' ) )
|
if ( strstr( $file, 'wp-config.php' ) )
|
||||||
|
|
|
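Review bot: `edit_files` is now the only check visible before `$_POST['newcontent']` is written to `$real_file`, and the role arrays shown on this page do not reveal which roles receive that capability. The two old thresholds disagreed (`$user_level < 5` denied on update, `$user_level <= 5` denied on the default view), so the role mapping decides whether former level-5 users can still write files. A comment such as `// edit_files replaces the user_level checks; level 5 could previously submit but not view` would record the intent. The `wp-config.php` test is visible only in the default branch; the `update` case continues outside the hunk, so confirm it applies the same restriction.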
@ -244,6 +244,7 @@ function populate_roles() {
|
||||||
'edit_published_posts' => true,
|
'edit_published_posts' => true,
|
||||||
'publish_posts' => true,
|
'publish_posts' => true,
|
||||||
'edit_pages' => true,
|
'edit_pages' => true,
|
||||||
|
'moderate_comments' => true,
|
||||||
'manage_categories' => true,
|
'manage_categories' => true,
|
||||||
'manage_links' => true,
|
'manage_links' => true,
|
||||||
'upload_files' => true,
|
'upload_files' => true,
|
||||||
|
@ -276,9 +277,10 @@ function populate_roles() {
|
||||||
'edit_published_posts' => true,
|
'edit_published_posts' => true,
|
||||||
'publish_posts' => true,
|
'publish_posts' => true,
|
||||||
'edit_pages' => true,
|
'edit_pages' => true,
|
||||||
|
'moderate_comments' => true,
|
||||||
'manage_categories' => true,
|
'manage_categories' => true,
|
||||||
'manage_links' => true,
|
'manage_links' => true,
|
||||||
'upload_images' => true,
|
'upload_files' => true,
|
||||||
'read' => true,
|
'read' => true,
|
||||||
'level_7' => true,
|
'level_7' => true,
|
||||||
'level_6' => true,
|
'level_6' => true,
|
||||||
|
@ -295,7 +297,7 @@ function populate_roles() {
|
||||||
'capabilities' => array(
|
'capabilities' => array(
|
||||||
'edit_posts' => true,
|
'edit_posts' => true,
|
||||||
'publish_posts' => true,
|
'publish_posts' => true,
|
||||||
'upload_images' => true,
|
'upload_files' => true,
|
||||||
'read' => true,
|
'read' => true,
|
||||||
'level_2' => true,
|
'level_2' => true,
|
||||||
'level_1' => true,
|
'level_1' => true,
|
||||||
|
|
|
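Review bot: Renaming `'upload_images'` to `'upload_files'` and adding `'moderate_comments'` in these arrays only affects roles as `populate_roles()` writes them. Sites whose roles were stored before this commit would keep `upload_images` and lack `moderate_comments` unless the function is re-run or the stored roles are rewritten on upgrade. Because the same commit switches the upload and moderation pages to the new capability names, those users would be denied until the stored roles are updated. `populate_roles()` begins and ends outside these hunks, so no upgrade path is visible here; if none exists, add a step that grants both capabilities to the existing roles.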
@ -5,13 +5,10 @@ $title = 'Upload Image or File';
|
||||||
|
|
||||||
require_once('admin-header.php');
|
require_once('admin-header.php');
|
||||||
|
|
||||||
if ($user_level == 0) //Checks to see if user has logged in
|
|
||||||
die (__("Cheatin' uh ?"));
|
|
||||||
|
|
||||||
if (!get_settings('use_fileupload')) //Checks if file upload is enabled in the config
|
if (!get_settings('use_fileupload')) //Checks if file upload is enabled in the config
|
||||||
die (__("The admin disabled this function"));
|
die (__("The admin disabled this function"));
|
||||||
|
|
||||||
if ( !get_settings('fileupload_minlevel') )
|
if ( ! current_user_can('upload_files') )
|
||||||
die (__("You are not allowed to upload files"));
|
die (__("You are not allowed to upload files"));
|
||||||
|
|
||||||
$allowed_types = explode(' ', trim(strtolower(get_settings('fileupload_allowedtypes'))));
|
$allowed_types = explode(' ', trim(strtolower(get_settings('fileupload_allowedtypes'))));
|
||||||
|
|
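Review bot: Replacing `!get_settings('fileupload_minlevel')` with `! current_user_can('upload_files')` leaves the `fileupload_minlevel` option unread in this hunk, so a value an administrator set there no longer influences who may upload. The removed `$user_level == 0` login check is now covered only by the capability test, which assumes `current_user_can()` returns false when nobody is logged in; that function is not shown on this page. A short comment would document both, e.g. `// upload_files replaces the fileupload_minlevel option and the logged-in check`. If the option is still exposed in the settings screen it should be removed or marked as unused.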