From 709698a5794fa0674f930ee974fa5d21b8419a09 Mon Sep 17 00:00:00 2001 From: Scott Taylor Date: Fri, 9 Jan 2015 21:07:22 +0000 Subject: [PATCH] In `Custom_Background` and `Custom_Header`: * In `->init()`, don't check `current_user_can()` since `add_theme_page()` will return `false` immediately if the cap check fails. * Bail if `add_theme_page()` returns `false` * `wp_check_filetype_and_ext()` doesn't need a 3rd param, it already defaults to `null`. Passing `false` would fail a strict check. See #30799. Built from https://develop.svn.wordpress.org/trunk@31116 git-svn-id: http://core.svn.wordpress.org/trunk@31097 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/custom-background.php | 19 +++++++++++-------- wp-admin/custom-header.php | 24 +++++++++++++----------- wp-includes/version.php | 2 +- 3 files changed, 25 insertions(+), 20 deletions(-) diff --git a/wp-admin/custom-background.php b/wp-admin/custom-background.php index 8fb1901c25..f2eca8507d 100644 --- a/wp-admin/custom-background.php +++ b/wp-admin/custom-background.php 
@@ -125,17 +125,20 @@ class Custom_Background { * @since 3.0.0 */ public function init() { - if ( ! current_user_can('edit_theme_options') ) + $page = add_theme_page( __( 'Background' ), __( 'Background' ), 'edit_theme_options', 'custom-background', array( $this, 'admin_page' ) ); + if ( ! $page ) { return; + } - $this->page = $page = add_theme_page(__('Background'), __('Background'), 'edit_theme_options', 'custom-background', array($this, 'admin_page')); + $this->page = $page; - add_action("load-$page", array($this, 'admin_load')); - add_action("load-$page", array($this, 'take_action'), 49); - add_action("load-$page", array($this, 'handle_upload'), 49); + add_action( "load-$page", array( $this, 'admin_load' ) ); + add_action( "load-$page", array( $this, 'take_action' ), 49 ); + add_action( "load-$page", array( $this, 'handle_upload' ), 49 ); - if ( $this->admin_header_callback ) - add_action("admin_head-$page", $this->admin_header_callback, 51); + if ( $this->admin_header_callback ) { + add_action( "admin_head-$page", $this->admin_header_callback, 51 ); + } } /** @@ -427,7 +430,7 @@ if ( current_theme_supports( 'custom-background', 'default-color' ) ) $overrides = array('test_form' => false); $uploaded_file = $_FILES['import']; - $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'], false ); + $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] ); if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) ); diff --git a/wp-admin/custom-header.php b/wp-admin/custom-header.php index e72e7ae2ba..7ca5dc21c2 100644 --- a/wp-admin/custom-header.php +++ b/wp-admin/custom-header.php 
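Review bot: The capability gate in `init()` is now implicit: `if ( ! $page ) { return; }` reads like an error bail, but it is the only thing stopping the `load-$page` hooks for `take_action` and `handle_upload` from being registered for a user without `edit_theme_options`. A comment above the check would keep a later cleanup from dropping it, for example `// add_theme_page() returns false when the user lacks 'edit_theme_options'; this is the capability gate for the hooks below.` The handlers themselves are outside this hunk, so I cannot tell whether they also verify a nonce and capability; they should not rely on hook registration alone. The same comment applies to `Custom_Image_Header::init()` in the wp-admin/custom-header.php hunk at line 143.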
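Review bot: `$_FILES['import']` is read, and its `tmp_name` and `name` keys are passed to `wp_check_filetype_and_ext()`, with no visible check that the field is present or that the upload succeeded. A request without that field, or with a failed upload, would reach the type check with empty values and fail only incidentally. A guard before the call would make the rejection explicit, for example `if ( empty( $_FILES['import']['tmp_name'] ) || UPLOAD_ERR_OK !== $_FILES['import']['error'] ) { wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) ); }`. The enclosing function starts and ends outside the hunk, so an earlier guard may already exist and should be confirmed. The identical lines in the wp-admin/custom-header.php hunk at line 862 need the same check.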
@@ -143,19 +143,21 @@ class Custom_Image_Header { * @since 2.1.0 */ public function init() { - if ( ! current_user_can('edit_theme_options') ) + $page = add_theme_page( __( 'Header' ), __( 'Header' ), 'edit_theme_options', 'custom-header', array( $this, 'admin_page' ) ); + if ( ! $page ) { return; + } - $this->page = $page = add_theme_page(__('Header'), __('Header'), 'edit_theme_options', 'custom-header', array($this, 'admin_page')); - - add_action("admin_print_scripts-$page", array($this, 'js_includes')); - add_action("admin_print_styles-$page", array($this, 'css_includes')); - add_action("admin_head-$page", array($this, 'help') ); - add_action("admin_head-$page", array($this, 'take_action'), 50); - add_action("admin_head-$page", array($this, 'js'), 50); - if ( $this->admin_header_callback ) - add_action("admin_head-$page", $this->admin_header_callback, 51); + $this->page = $page; + add_action( "admin_print_scripts-$page", array( $this, 'js_includes' ) ); + add_action( "admin_print_styles-$page", array( $this, 'css_includes' ) ); + add_action( "admin_head-$page", array( $this, 'help' ) ); + add_action( "admin_head-$page", array( $this, 'take_action' ), 50 ); + add_action( "admin_head-$page", array( $this, 'js' ), 50 ); + if ( $this->admin_header_callback ) { + add_action( "admin_head-$page", $this->admin_header_callback, 51 ); + } } /** @@ -862,7 +864,7 @@ wp_nonce_field( 'custom-header-options', '_wpnonce-custom-header-options' ); ?> $overrides = array('test_form' => false); $uploaded_file = $_FILES['import']; - $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'], false ); + $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] ); if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) ); diff --git a/wp-includes/version.php b/wp-includes/version.php index 9a569844da..27d6340e88 100644 
--- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.2-alpha-31115'; +$wp_version = '4.2-alpha-31116'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.