diff --git a/wp-admin/includes/ajax-actions.php b/wp-admin/includes/ajax-actions.php index d96220824f..c5718aeb50 100644 --- a/wp-admin/includes/ajax-actions.php +++ b/wp-admin/includes/ajax-actions.php @@ -2835,8 +2835,14 @@ function wp_ajax_destroy_sessions() { * @since 4.2.0 */ function wp_ajax_install_plugin() { + $status = array( + 'install' => 'plugin', + 'slug' => sanitize_key( $_POST['slug'] ), + ); + if ( ! current_user_can( 'install_plugins' ) ) { - wp_die( __('You do not have sufficient permissions to install plugins on this site.') ); + $status['error'] = __( 'You do not have sufficient permissions to install plugins on this site.' ); + wp_send_json_error( $status ); } check_ajax_referer( 'updates' ); @@ -2844,11 +2850,6 @@ function wp_ajax_install_plugin() { include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' ); include_once( ABSPATH . 'wp-admin/includes/plugin-install.php' ); - $status = array( - 'install' => 'plugin', - 'slug' => sanitize_key( $_POST['slug'] ), - ); - $api = plugins_api( 'plugin_information', array( 'slug' => sanitize_key( $_POST['slug'] ), 'fields' => array( 'sections' => false ) @@ -2879,14 +2880,6 @@ function wp_ajax_install_plugin() { * @since 4.2.0 */ function wp_ajax_update_plugin() { - if ( ! current_user_can( 'update_plugins' ) ) { - wp_die( __('You do not have sufficient permissions to install plugins on this site.') ); - } - - check_ajax_referer( 'updates' ); - - include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' ); - $plugin = urldecode( $_POST['plugin'] ); $status = array( @@ -2895,6 +2888,15 @@ function wp_ajax_update_plugin() { 'slug' => sanitize_key( $_POST['slug'] ), ); + if ( ! current_user_can( 'update_plugins' ) ) { + $status['error'] = __( 'You do not have sufficient permissions to update plugins on this site.' ); + wp_send_json_error( $status ); + } + + check_ajax_referer( 'updates' ); + + include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' ); + $current = get_site_transient( 'update_plugins' ); if ( empty( $current ) ) { wp_update_plugins(); diff --git a/wp-includes/version.php b/wp-includes/version.php index 7aa4fbfd42..17d1fa7d88 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.2-alpha-31334'; +$wp_version = '4.2-alpha-31335'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.