Use the edit_theme_options capability. fixes #13290.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
e65ae591a0
commit
7389ea41ea
|
@ -132,7 +132,7 @@ case 'imgedit-preview' :
|
||||||
die();
|
die();
|
||||||
break;
|
break;
|
||||||
case 'menu-quick-search':
|
case 'menu-quick-search':
|
||||||
if ( ! current_user_can( 'switch_themes' ) )
|
if ( ! current_user_can( 'edit_theme_options' ) )
|
||||||
die('-1');
|
die('-1');
|
||||||
|
|
||||||
require_once ABSPATH . 'wp-admin/includes/nav-menu.php';
|
require_once ABSPATH . 'wp-admin/includes/nav-menu.php';
|
||||||
|
@ -399,7 +399,7 @@ case 'delete-link' :
|
||||||
case 'delete-menu-item' :
|
case 'delete-menu-item' :
|
||||||
$menu_item_id = (int) $_POST['menu-item'];
|
$menu_item_id = (int) $_POST['menu-item'];
|
||||||
check_admin_referer( 'delete-menu_item_' . $menu_item_id );
|
check_admin_referer( 'delete-menu_item_' . $menu_item_id );
|
||||||
if ( ! current_user_can( 'switch_themes' ) )
|
if ( ! current_user_can( 'edit_theme_options' ) )
|
||||||
die('-1');
|
die('-1');
|
||||||
|
|
||||||
if ( is_nav_menu_item( $menu_item_id ) && wp_delete_post( $menu_item_id, true ) )
|
if ( is_nav_menu_item( $menu_item_id ) && wp_delete_post( $menu_item_id, true ) )
|
||||||
|
@ -817,7 +817,7 @@ case 'edit-comment' :
|
||||||
$x->send();
|
$x->send();
|
||||||
break;
|
break;
|
||||||
case 'add-menu-item' :
|
case 'add-menu-item' :
|
||||||
if ( ! current_user_can( 'switch_themes' ) )
|
if ( ! current_user_can( 'edit_theme_options' ) )
|
||||||
die('-1');
|
die('-1');
|
||||||
|
|
||||||
check_admin_referer( 'add-menu_item', 'menu-settings-column-nonce' );
|
check_admin_referer( 'add-menu_item', 'menu-settings-column-nonce' );
|
||||||
|
@ -1091,7 +1091,7 @@ case 'hidden-columns' :
|
||||||
die('1');
|
die('1');
|
||||||
break;
|
break;
|
||||||
case 'menu-quick-search':
|
case 'menu-quick-search':
|
||||||
if ( ! current_user_can( 'switch_themes' ) )
|
if ( ! current_user_can( 'edit_theme_options' ) )
|
||||||
die('-1');
|
die('-1');
|
||||||
|
|
||||||
require_once ABSPATH . 'wp-admin/includes/nav-menu.php';
|
require_once ABSPATH . 'wp-admin/includes/nav-menu.php';
|
||||||
|
@ -1328,7 +1328,7 @@ case 'lj-importer' :
|
||||||
case 'widgets-order' :
|
case 'widgets-order' :
|
||||||
check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' );
|
check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' );
|
||||||
|
|
||||||
if ( !current_user_can('switch_themes') )
|
if ( !current_user_can('edit_theme_options') )
|
||||||
die('-1');
|
die('-1');
|
||||||
|
|
||||||
unset( $_POST['savewidgets'], $_POST['action'] );
|
unset( $_POST['savewidgets'], $_POST['action'] );
|
||||||
|
@ -1358,7 +1358,7 @@ case 'widgets-order' :
|
||||||
case 'save-widget' :
|
case 'save-widget' :
|
||||||
check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' );
|
check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' );
|
||||||
|
|
||||||
if ( !current_user_can('switch_themes') || !isset($_POST['id_base']) )
|
if ( !current_user_can('edit_theme_options') || !isset($_POST['id_base']) )
|
||||||
die('-1');
|
die('-1');
|
||||||
|
|
||||||
unset( $_POST['savewidgets'], $_POST['action'] );
|
unset( $_POST['savewidgets'], $_POST['action'] );
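Review bot: `case 'menu-quick-search':` appears in two hunks of this section (around old lines 132 and 1091), and both copies receive the same capability change. Assuming both labels sit in the same `switch`, PHP only ever runs the first match, so the second copy is dead code that still has to be kept in step whenever the authorization rule changes. Removing the duplicate would leave a single gate to audit. The case bodies continue outside the hunks, so this should be confirmed against the full file.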
|
||||||
|
|
|
@ -52,10 +52,10 @@ class Custom_Background {
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
*/
|
*/
|
||||||
function init() {
|
function init() {
|
||||||
if ( ! current_user_can('switch_themes') )
|
if ( ! current_user_can('edit_theme_options') )
|
||||||
return;
|
return;
|
||||||
|
|
||||||
$page = add_theme_page(__('Background'), __('Background'), 'switch_themes', 'custom-background', array(&$this, 'admin_page'));
|
$page = add_theme_page(__('Background'), __('Background'), 'edit_theme_options', 'custom-background', array(&$this, 'admin_page'));
|
||||||
|
|
||||||
add_action("load-$page", array(&$this, 'admin_load'));
|
add_action("load-$page", array(&$this, 'admin_load'));
|
||||||
add_action("load-$page", array(&$this, 'take_action'), 49);
|
add_action("load-$page", array(&$this, 'take_action'), 49);
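Review bot: `init()` returns silently when the user lacks `edit_theme_options`, so on a site whose roles were stored before this capability existed the Background page would simply vanish for administrators, with no error to explain why. No role or upgrade change is visible on this page; if that is not handled elsewhere, the capability has to be granted to every role that currently holds `switch_themes` before these checks ship. The same applies to every other gate this commit switches (the AJAX cases, `Custom_Image_Header`, nav-menus.php and widgets.php). `init()` continues outside the hunk.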
|
||||||
|
|
|
@ -61,10 +61,10 @@ class Custom_Image_Header {
|
||||||
* @since 2.1.0
|
* @since 2.1.0
|
||||||
*/
|
*/
|
||||||
function init() {
|
function init() {
|
||||||
if ( ! current_user_can('switch_themes') )
|
if ( ! current_user_can('edit_theme_options') )
|
||||||
return;
|
return;
|
||||||
|
|
||||||
$page = add_theme_page(__('Header'), __('Header'), 'switch_themes', 'custom-header', array(&$this, 'admin_page'));
|
$page = add_theme_page(__('Header'), __('Header'), 'edit_theme_options', 'custom-header', array(&$this, 'admin_page'));
|
||||||
|
|
||||||
add_action("admin_print_scripts-$page", array(&$this, 'js_includes'));
|
add_action("admin_print_scripts-$page", array(&$this, 'js_includes'));
|
||||||
add_action("admin_print_styles-$page", array(&$this, 'css_includes'));
|
add_action("admin_print_styles-$page", array(&$this, 'css_includes'));
|
||||||
|
@ -125,7 +125,7 @@ class Custom_Image_Header {
|
||||||
* @since 2.6.0
|
* @since 2.6.0
|
||||||
*/
|
*/
|
||||||
function take_action() {
|
function take_action() {
|
||||||
if ( ! current_user_can('switch_themes') )
|
if ( ! current_user_can('edit_theme_options') )
|
||||||
return;
|
return;
|
||||||
|
|
||||||
if ( isset( $_POST['textcolor'] ) ) {
|
if ( isset( $_POST['textcolor'] ) ) {
|
||||||
|
@ -597,7 +597,7 @@ if ( !empty($this->default_headers) ) {
|
||||||
* @since 2.1.0
|
* @since 2.1.0
|
||||||
*/
|
*/
|
||||||
function admin_page() {
|
function admin_page() {
|
||||||
if ( ! current_user_can('switch_themes') )
|
if ( ! current_user_can('edit_theme_options') )
|
||||||
wp_die(__('You do not have permission to customize headers.'));
|
wp_die(__('You do not have permission to customize headers.'));
|
||||||
$step = $this->step();
|
$step = $this->step();
|
||||||
if ( 1 == $step )
|
if ( 1 == $step )
|
||||||
|
|
|
@ -356,11 +356,15 @@ function wp_dashboard_right_now() {
|
||||||
}
|
}
|
||||||
$num = number_format_i18n( $num_widgets );
|
$num = number_format_i18n( $num_widgets );
|
||||||
|
|
||||||
|
$switch_themes = $ct->title;
|
||||||
if ( current_user_can( 'switch_themes') ) {
|
if ( current_user_can( 'switch_themes') ) {
|
||||||
echo '<a href="themes.php" class="button rbutton">' . __('Change Theme') . '</a>';
|
echo '<a href="themes.php" class="button rbutton">' . __('Change Theme') . '</a>';
|
||||||
printf(_n('Theme <span class="b"><a href="themes.php">%1$s</a></span> with <span class="b"><a href="widgets.php">%2$s Widget</a></span>', 'Theme <span class="b"><a href="themes.php">%1$s</a></span> with <span class="b"><a href="widgets.php">%2$s Widgets</a></span>', $num_widgets), $ct->title, $num);
|
$switch_themes = '<a href="themes.php">' . $switch_themes . '</a>';
|
||||||
|
}
|
||||||
|
if ( current_user_can( 'edit_theme_options' ) ) {
|
||||||
|
printf(_n('Theme <span class="b">%1$s</span> with <span class="b"><a href="widgets.php">%2$s Widget</a></span>', 'Theme <span class="b">%1$s</span> with <span class="b"><a href="widgets.php">%2$s Widgets</a></span>', $num_widgets), $switch_themes, $num);
|
||||||
} else {
|
} else {
|
||||||
printf(_n('Theme <span class="b">%1$s</span> with <span class="b">%2$s Widget</span>', 'Theme <span class="b">%1$s</span> with <span class="b">%2$s Widgets</span>', $num_widgets), $ct->title, $num);
|
printf(_n('Theme <span class="b">%1$s</span> with <span class="b">%2$s Widget</span>', 'Theme <span class="b">%1$s</span> with <span class="b">%2$s Widgets</span>', $num_widgets), $switch_themes, $num);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if ( current_user_can( 'switch_themes' ) ) {
|
if ( current_user_can( 'switch_themes' ) ) {
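Review bot: `$switch_themes` holds the theme title (later wrapped in a link), not a capability result, which reads confusingly next to `current_user_can( 'switch_themes')`; a name such as `$theme_name` would be clearer. The value comes from `$ct->title` and is concatenated into an anchor and passed to `printf` with no escaping in the visible lines. Whether the title is sanitised where `$ct` is populated is not shown here, so either confirm that or escape at this point, e.g. `$theme_name = esc_html( $ct->title );`. `wp_dashboard_right_now()` starts and ends outside the hunk.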
|
||||||
|
|
|
@ -145,9 +145,15 @@ unset($ptype, $ptype_obj);
|
||||||
|
|
||||||
$menu[59] = array( '', 'read', 'separator2', '', 'wp-menu-separator' );
|
$menu[59] = array( '', 'read', 'separator2', '', 'wp-menu-separator' );
|
||||||
|
|
||||||
|
if ( current_user_can( 'switch_themes') ) {
|
||||||
$menu[60] = array( __('Appearance'), 'switch_themes', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'div' );
|
$menu[60] = array( __('Appearance'), 'switch_themes', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'div' );
|
||||||
$submenu['themes.php'][5] = array(__('Themes'), 'switch_themes', 'themes.php');
|
$submenu['themes.php'][5] = array(__('Themes'), 'switch_themes', 'themes.php');
|
||||||
$submenu['themes.php'][10] = array(__('Menus'), 'switch_themes', 'nav-menus.php');
|
$submenu['themes.php'][10] = array(__('Menus'), 'edit_theme_options', 'nav-menus.php');
|
||||||
|
} else {
|
||||||
|
$menu[60] = array( __('Appearance'), 'edit_theme_options', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'div' );
|
||||||
|
$submenu['themes.php'][5] = array(__('Themes'), 'edit_theme_options', 'themes.php');
|
||||||
|
$submenu['themes.php'][10] = array(__('Menus'), 'edit_theme_options', 'nav-menus.php' );
|
||||||
|
}
|
||||||
|
|
||||||
// Add 'Editor' to the bottom of the Appearence menu.
|
// Add 'Editor' to the bottom of the Appearence menu.
|
||||||
add_action('admin_menu', '_add_themes_utility_last', 101);
|
add_action('admin_menu', '_add_themes_utility_last', 101);
|
||||||
|
@ -281,7 +287,7 @@ foreach ( array( 'submenu' ) as $sub_loop ) {
|
||||||
unset($sub_loop);
|
unset($sub_loop);
|
||||||
|
|
||||||
// Loop over the top-level menu.
|
// Loop over the top-level menu.
|
||||||
// Menus for which the original parent is not acessible due to lack of privs will have the next
|
// Menus for which the original parent is not accessible due to lack of privs will have the next
|
||||||
// submenu in line be assigned as the new menu parent.
|
// submenu in line be assigned as the new menu parent.
|
||||||
foreach ( $menu as $id => $data ) {
|
foreach ( $menu as $id => $data ) {
|
||||||
if ( empty($submenu[$data[2]]) )
|
if ( empty($submenu[$data[2]]) )
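Review bot: The two branches of the new `if`/`else` repeat the same three menu entries and differ only in the capability string for Appearance and Themes, so a later edit can update one branch and miss the other. Choosing the capability once keeps a single set of entries: `$appearance_cap = current_user_can( 'switch_themes' ) ? 'switch_themes' : 'edit_theme_options';`, then use `$appearance_cap` in `$menu[60]` and `$submenu['themes.php'][5]`. A one-line comment saying that users with only `edit_theme_options` still need the Appearance parent in order to reach Menus would document why the fallback exists.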
|
||||||
|
|
|
@ -16,7 +16,7 @@ require_once( 'admin.php' );
|
||||||
require_once( ABSPATH . 'wp-admin/includes/nav-menu.php' );
|
require_once( ABSPATH . 'wp-admin/includes/nav-menu.php' );
|
||||||
|
|
||||||
// Permissions Check
|
// Permissions Check
|
||||||
if ( ! current_user_can('switch_themes') )
|
if ( ! current_user_can('edit_theme_options') )
|
||||||
wp_die( __( 'Cheatin’ uh?' ) );
|
wp_die( __( 'Cheatin’ uh?' ) );
|
||||||
|
|
||||||
// Nav Menu CSS
|
// Nav Menu CSS
|
||||||
|
@ -51,12 +51,9 @@ $action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : 'edit';
|
||||||
|
|
||||||
switch ( $action ) {
|
switch ( $action ) {
|
||||||
case 'add-menu-item':
|
case 'add-menu-item':
|
||||||
if ( current_user_can( 'switch_themes' ) ) {
|
|
||||||
check_admin_referer( 'add-menu_item', 'menu-settings-column-nonce' );
|
check_admin_referer( 'add-menu_item', 'menu-settings-column-nonce' );
|
||||||
if ( isset( $_REQUEST['menu-item'] ) ) {
|
if ( isset( $_REQUEST['menu-item'] ) )
|
||||||
wp_save_nav_menu_item( $nav_menu_selected_id, $_REQUEST['menu-item'] );
|
wp_save_nav_menu_item( $nav_menu_selected_id, $_REQUEST['menu-item'] );
|
||||||
}
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
case 'move-down-menu-item' :
|
case 'move-down-menu-item' :
|
||||||
// moving down a menu item is the same as moving up the next in order
|
// moving down a menu item is the same as moving up the next in order
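Review bot: With the inner `current_user_can()` wrapper removed, the `add-menu-item` case relies entirely on the `edit_theme_options` check at the top of the file plus `check_admin_referer()`. A short comment above the `switch`, such as `// Capability is enforced once at the top of this file.`, would stop a later refactor from moving a case out from under that gate. `$_REQUEST['menu-item']` reaches `wp_save_nav_menu_item()` after only an `isset()` test; whether that function validates the shape of the data is not visible here. The `switch` continues outside the hunk.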
|
||||||
|
|
|
@ -9,10 +9,10 @@
|
||||||
/** WordPress Administration Bootstrap */
|
/** WordPress Administration Bootstrap */
|
||||||
require_once('./admin.php');
|
require_once('./admin.php');
|
||||||
|
|
||||||
if ( !current_user_can('switch_themes') )
|
if ( !current_user_can('switch_themes') && !current_user_can('edit_theme_options') )
|
||||||
wp_die( __( 'Cheatin’ uh?' ) );
|
wp_die( __( 'Cheatin’ uh?' ) );
|
||||||
|
|
||||||
if ( isset($_GET['action']) ) {
|
if ( current_user_can('switch_themes') && isset($_GET['action']) ) {
|
||||||
if ( 'activate' == $_GET['action'] ) {
|
if ( 'activate' == $_GET['action'] ) {
|
||||||
check_admin_referer('switch-theme_' . $_GET['template']);
|
check_admin_referer('switch-theme_' . $_GET['template']);
|
||||||
switch_theme($_GET['template'], $_GET['stylesheet']);
|
switch_theme($_GET['template'], $_GET['stylesheet']);
|
||||||
|
@ -31,6 +31,8 @@ if ( isset($_GET['action']) ) {
|
||||||
$title = __('Manage Themes');
|
$title = __('Manage Themes');
|
||||||
$parent_file = 'themes.php';
|
$parent_file = 'themes.php';
|
||||||
|
|
||||||
|
if ( current_user_can( 'switch_themes' ) ) :
|
||||||
|
|
||||||
$help = '<p>' . __('Themes give your WordPress style. Once a theme is installed, you may preview it, activate it or deactivate it here.') . '</p>';
|
$help = '<p>' . __('Themes give your WordPress style. Once a theme is installed, you may preview it, activate it or deactivate it here.') . '</p>';
|
||||||
if ( current_user_can('install_themes') ) {
|
if ( current_user_can('install_themes') ) {
|
||||||
$help .= '<p>' . sprintf(__('You can find additional themes for your site by using the new <a href="%1$s">Theme Browser/Installer</a> functionality or by browsing the <a href="http://wordpress.org/extend/themes/">WordPress Theme Directory</a> directly and installing manually. To install a theme <em>manually</em>, <a href="%2$s">upload its ZIP archive with the new uploader</a> or copy its folder via FTP into your <code>wp-content/themes</code> directory.'), 'theme-install.php', 'theme-install.php?tab=upload' ) . '</p>';
|
$help .= '<p>' . sprintf(__('You can find additional themes for your site by using the new <a href="%1$s">Theme Browser/Installer</a> functionality or by browsing the <a href="http://wordpress.org/extend/themes/">WordPress Theme Directory</a> directly and installing manually. To install a theme <em>manually</em>, <a href="%2$s">upload its ZIP archive with the new uploader</a> or copy its folder via FTP into your <code>wp-content/themes</code> directory.'), 'theme-install.php', 'theme-install.php?tab=upload' ) . '</p>';
|
||||||
|
@ -42,6 +44,8 @@ add_contextual_help($current_screen, $help);
|
||||||
add_thickbox();
|
add_thickbox();
|
||||||
wp_enqueue_script( 'theme-preview' );
|
wp_enqueue_script( 'theme-preview' );
|
||||||
|
|
||||||
|
endif;
|
||||||
|
|
||||||
require_once('./admin-header.php');
|
require_once('./admin-header.php');
|
||||||
if ( is_multisite() && current_user_can('edit_themes') ) {
|
if ( is_multisite() && current_user_can('edit_themes') ) {
|
||||||
?><div id="message0" class="updated"><p><?php printf( __('Administrator: new themes must be activated in the <a href="%s">Network Themes</a> screen before they appear here.'), admin_url( 'ms-themes.php') ); ?></p></div><?php
|
?><div id="message0" class="updated"><p><?php printf( __('Administrator: new themes must be activated in the <a href="%s">Network Themes</a> screen before they appear here.'), admin_url( 'ms-themes.php') ); ?></p></div><?php
|
||||||
|
@ -51,7 +55,7 @@ if ( is_multisite() && current_user_can('edit_themes') ) {
|
||||||
<?php if ( ! validate_current_theme() ) : ?>
|
<?php if ( ! validate_current_theme() ) : ?>
|
||||||
<div id="message1" class="updated"><p><?php _e('The active theme is broken. Reverting to the default theme.'); ?></p></div>
|
<div id="message1" class="updated"><p><?php _e('The active theme is broken. Reverting to the default theme.'); ?></p></div>
|
||||||
<?php elseif ( isset($_GET['activated']) ) :
|
<?php elseif ( isset($_GET['activated']) ) :
|
||||||
if ( isset($wp_registered_sidebars) && count( (array) $wp_registered_sidebars ) ) { ?>
|
if ( isset($wp_registered_sidebars) && count( (array) $wp_registered_sidebars ) && current_user_can('edit_theme_options') ) { ?>
|
||||||
<div id="message2" class="updated"><p><?php printf( __('New theme activated. This theme supports widgets, please visit the <a href="%s">widgets settings</a> screen to configure them.'), admin_url( 'widgets.php' ) ); ?></p></div><?php
|
<div id="message2" class="updated"><p><?php printf( __('New theme activated. This theme supports widgets, please visit the <a href="%s">widgets settings</a> screen to configure them.'), admin_url( 'widgets.php' ) ); ?></p></div><?php
|
||||||
} else { ?>
|
} else { ?>
|
||||||
<div id="message2" class="updated"><p><?php printf( __( 'New theme activated. <a href="%s">Visit site</a>' ), home_url( '/' ) ); ?></p></div><?php
|
<div id="message2" class="updated"><p><?php printf( __( 'New theme activated. <a href="%s">Visit site</a>' ), home_url( '/' ) ); ?></p></div><?php
|
||||||
|
@ -114,6 +118,13 @@ $themes = array_slice( $themes, $start, $per_page );
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="clear"></div>
|
<div class="clear"></div>
|
||||||
|
<?php
|
||||||
|
if ( ! current_user_can( 'switch_themes' ) ) {
|
||||||
|
echo '</div>';
|
||||||
|
require( './admin-footer.php' );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
?>
|
||||||
<h3><?php _e('Available Themes'); ?></h3>
|
<h3><?php _e('Available Themes'); ?></h3>
|
||||||
<div class="clear"></div>
|
<div class="clear"></div>
|
||||||
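Review bot: Relaxing the top gate to `switch_themes` or `edit_theme_options` means every statement below it that is not re-gated now runs for users who cannot switch themes, including the `validate_current_theme()` call, whose accompanying message says the site is reverted to the default theme. If that call changes the active theme as the message suggests, it should be limited to `switch_themes` holders, e.g. `if ( current_user_can( 'switch_themes' ) && ! validate_current_theme() )`. The page also evaluates `current_user_can( 'switch_themes' )` in four separate places and ends early with a hand-written `echo '</div>'; ... exit;`. Computing the flag once near the top would make it easier to audit which parts are gated.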
|
|
||||||
|
|
|
@ -12,7 +12,7 @@ require_once( './admin.php' );
|
||||||
/** WordPress Administration Widgets API */
|
/** WordPress Administration Widgets API */
|
||||||
require_once(ABSPATH . 'wp-admin/includes/widgets.php');
|
require_once(ABSPATH . 'wp-admin/includes/widgets.php');
|
||||||
|
|
||||||
if ( ! current_user_can('switch_themes') )
|
if ( ! current_user_can('edit_theme_options') )
|
||||||
wp_die( __( 'Cheatin’ uh?' ));
|
wp_die( __( 'Cheatin’ uh?' ));
|
||||||
|
|
||||||
wp_admin_css( 'widgets' );
|
wp_admin_css( 'widgets' );
|
||||||
|
|
|
@ -2974,7 +2974,7 @@ function wp_maybe_load_widgets() {
|
||||||
*/
|
*/
|
||||||
function wp_widgets_add_menu() {
|
function wp_widgets_add_menu() {
|
||||||
global $submenu;
|
global $submenu;
|
||||||
$submenu['themes.php'][7] = array( __( 'Widgets' ), 'switch_themes', 'widgets.php' );
|
$submenu['themes.php'][7] = array( __( 'Widgets' ), 'edit_theme_options', 'widgets.php' );
|
||||||
ksort( $submenu['themes.php'], SORT_NUMERIC );
|
ksort( $submenu['themes.php'], SORT_NUMERIC );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|