Add current_user_can() checks to link.php. Props DD32. fixes #4627
git-svn-id: http://svn.automattic.com/wordpress/trunk@6255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
9c6dc8f1be
commit
2762527a1e
@ -3,6 +3,9 @@ require_once ('admin.php');
|
|||
|
||||
wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
|
||||
|
||||
if ( ! current_user_can('manage_links') )
|
||||
wp_die( __('You do not have sufficient permissions to edit the links for this blog.') );
|
||||
|
||||
if ('' != $_POST['deletebookmarks'])
|
||||
$action = 'deletebookmarks';
|
||||
if ('' != $_POST['move'])
|
||||
|
@ -13,13 +16,9 @@ if ('' != $_POST['linkcheck'])
|
|||
$this_file = 'link-manager.php';
|
||||
|
||||
switch ($action) {
|
||||
case 'deletebookmarks' :
|
||||
case 'deletebookmarks' :
|
||||
check_admin_referer('bulk-bookmarks');
|
||||
|
||||
// check the current user's level first.
|
||||
if (!current_user_can('manage_links'))
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
|
||||
//for each link id (in $linkcheck[]) change category to selected value
|
||||
if (count($linkcheck) == 0) {
|
||||
wp_redirect($this_file);
|
||||
|
@ -41,10 +40,6 @@ switch ($action) {
|
|||
case 'move' :
|
||||
check_admin_referer('bulk-bookmarks');
|
||||
|
||||
// check the current user's level first.
|
||||
if (!current_user_can('manage_links'))
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
|
||||
//for each link id (in $linkcheck[]) change category to selected value
|
||||
if (count($linkcheck) == 0) {
|
||||
wp_redirect($this_file);
|
||||
|
@ -63,7 +58,7 @@ switch ($action) {
|
|||
|
||||
add_link();
|
||||
|
||||
wp_redirect(wp_get_referer().'?added=true');
|
||||
wp_redirect( wp_get_referer() . '?added=true' );
|
||||
exit;
|
||||
break;
|
||||
|
||||
|
@ -81,9 +76,6 @@ switch ($action) {
|
|||
$link_id = (int) $_GET['link_id'];
|
||||
check_admin_referer('delete-bookmark_' . $link_id);
|
||||
|
||||
if (!current_user_can('manage_links'))
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
|
||||
wp_delete_link($link_id);
|
||||
|
||||
wp_redirect($this_file);
|
||||
|
@ -97,21 +89,18 @@ switch ($action) {
|
|||
$parent_file = 'link-manager.php';
|
||||
$submenu_file = 'link-manager.php';
|
||||
$title = __('Edit Link');
|
||||
include_once ('admin-header.php');
|
||||
if (!current_user_can('manage_links'))
|
||||
wp_die(__('You do not have sufficient permissions to edit the links for this blog.'));
|
||||
|
||||
$link_id = (int) $_GET['link_id'];
|
||||
|
||||
if (!$link = get_link_to_edit($link_id))
|
||||
wp_die(__('Link not found.'));
|
||||
|
||||
include_once ('admin-header.php');
|
||||
include ('edit-link-form.php');
|
||||
include ('admin-footer.php');
|
||||
break;
|
||||
|
||||
default :
|
||||
break;
|
||||
}
|
||||
|
||||
include ('admin-footer.php');
|
||||
?>
|
||||
?>
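Review bot: The new gate `if ( ! current_user_can('manage_links') )` in the first hunk now stands in for the per-case checks removed from the deletebookmarks, move, delete and edit branches, but nothing in the file records that every branch of the switch depends on it, so a case added later could be assumed to need its own check, or the gate could be moved below an output-producing include and reintroduce the old partial-header-before-wp_die behaviour. I would put a comment directly above it: `// Every action handled below requires manage_links; the per-case checks were folded into this single gate, so keep it ahead of the switch and of any admin-header.php include.` The nonce checks (`check_admin_referer('bulk-bookmarks')`, `check_admin_referer('delete-bookmark_' . $link_id)`) are rightly left in place per case, since capability and CSRF protection are separate concerns. The first hunk begins after the `require_once ('admin.php')` shown only in its header, which lies outside the hunk; whether admin.php performs the login check that current_user_can() relies on cannot be confirmed from here.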
|