Introduce WP_List_Table::check_permissions() and WP_List_Table::prepare_items(). Fixes #14596; See #14579

git-svn-id: http://svn.automattic.com/wordpress/trunk@15496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-08-12 23:21:05 +00:00 · 2010-08-12 23:21:05 +00:00 · c6056827ed
parent 17cc67eb45
commit c6056827ed
16 changed files with 271 additions and 170 deletions
--- a/wp-admin/admin-ajax.php
+++ b/wp-admin/admin-ajax.php
@ -558,7 +558,7 @@ case 'add-tag' :
 		set_current_screen($_POST['screen']);
 	require_once( './includes/default-list-tables.php' );
-	$table = new WP_Terms_Table( 'ajax' );
+	$table = new WP_Terms_Table();
 	$level = 0;
 	$tag_full_name = false;
@ -626,7 +626,7 @@ case 'add-comment' :
 		die('-1');
 	require_once( './includes/default-list-tables.php' );
-	$table = new WP_Comments_Table( 'ajax' );
+	$table = new WP_Comments_Table();
 	global $comments;
@ -659,7 +659,7 @@ case 'get-comments' :
 		die('-1');
 	require_once( './includes/default-list-tables.php' );
-	$table = new WP_Comments_Table( 'ajax' );
+	$table = new WP_Comments_Table();
 	global $comments;
@ -685,7 +685,7 @@ case 'replyto-comment' :
 	check_ajax_referer( $action, '_ajax_nonce-replyto-comment' );
 	require_once( './includes/default-list-tables.php' );
-	$table = new WP_Comments_Table( 'ajax' );
+	$table = new WP_Comments_Table();
 	$comment_post_ID = (int) $_POST['comment_post_ID'];
 	if ( !current_user_can( 'edit_post', $comment_post_ID ) )
@ -776,7 +776,7 @@ case 'edit-comment' :
 		add_filter( 'comment_author', 'floated_admin_avatar' );
 	require_once( './includes/default-list-tables.php' );
-	$table = new WP_Comments_Table( 'ajax' );
+	$table = new WP_Comments_Table();
 	ob_start();
 		$table->single_row( $comment_id, $mode, $comments_listing, $checkbox );
@ -925,7 +925,7 @@ case 'add-user' :
 	$user_object = new WP_User( $user_id );
 	require_once( './includes/default-list-tables.php' );
-	$table = new WP_Users_Table( 'ajax' );
+	$table = new WP_Users_Table();
 	$x = new WP_Ajax_Response( array(
 		'what' => 'user',
@ -1218,7 +1218,7 @@ case 'inline-save':
 	edit_post();
 	require_once( './includes/default-list-tables.php' );
-	$table = new WP_Posts_Table( 'ajax' );
+	$table = new WP_Posts_Table();
 	$mode = $_POST['post_view'];
 	$table->display_rows( array( get_post( $_POST['post_ID'] ) ) );
@ -1228,19 +1228,14 @@ case 'inline-save':
 case 'inline-save-tax':
 	check_ajax_referer( 'taxinlineeditnonce', '_inline_edit' );
-	$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : false;
+	require_once( './includes/default-list-tables.php' );
-	if ( ! $taxonomy )
+	$table = new WP_Terms_Table();
 		die( __('Cheatin&#8217; uh?') );
 	$tax = get_taxonomy($taxonomy);
-	if ( ! current_user_can( $tax->cap->edit_terms ) )
+	$table->check_permissions('edit');
 		die( __('Cheatin&#8217; uh?') );
 	if ( ! isset($_POST['tax_ID']) || ! ( $id = (int) $_POST['tax_ID'] ) )
 		die(-1);
 	$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : 'post_tag';
 	$tag = get_term( $id, $taxonomy );
 	$_POST['description'] = $tag->description;
@ -1253,11 +1248,6 @@ case 'inline-save-tax':
 			die( __('Item not updated.') );
 		}
 		set_current_screen( 'edit-' . $taxonomy );
 		require_once( './includes/default-list-tables.php' );
 		$table = new WP_Terms_Table( 'ajax' );
 		echo $table->single_row( $tag, 0, $taxonomy );
 	} else {
 		if ( is_wp_error($updated) && $updated->get_error_message() )
--- a/wp-admin/edit-comments.php
+++ b/wp-admin/edit-comments.php
@ -9,8 +9,10 @@
 /** WordPress Administration Bootstrap */
 require_once('./admin.php');
-if ( !current_user_can('edit_posts') )
+require_once( './includes/default-list-tables.php' );
-	wp_die(__('Cheatin&#8217; uh?'));
+
 $table = new WP_Comments_Table;
 $table->check_permissions();
 if ( isset( $_REQUEST['doaction'] ) ||  isset( $_REQUEST['doaction2'] ) || isset( $_REQUEST['delete_all'] ) || isset( $_REQUEST['delete_all2'] ) ) {
 	check_admin_referer( 'bulk-comments' );
@ -95,9 +97,7 @@ if ( isset( $_REQUEST['doaction'] ) ||  isset( $_REQUEST['doaction2'] ) || isset
 	 exit;
 }
-require_once( './includes/default-list-tables.php' );
+$table->prepare_items();
 $table = new WP_Comments_Table;
 wp_enqueue_script('admin-comments');
 enqueue_comment_hotkeys_js();
--- a/wp-admin/edit-tags.php
+++ b/wp-admin/edit-tags.php
@ -12,6 +12,7 @@ require_once('./admin.php');
 require_once( './includes/default-list-tables.php' );
 $table = new WP_Terms_Table;
 $table->check_permissions();
 $title = $tax->labels->name;
@ -151,6 +152,8 @@ if ( ! empty($_REQUEST['_wp_http_referer']) ) {
 	 exit;
 }
 $table->prepare_items();
 wp_enqueue_script('admin-tags');
 if ( current_user_can($tax->cap->edit_terms) )
 	wp_enqueue_script('inline-edit-tax');
--- a/wp-admin/edit.php
+++ b/wp-admin/edit.php
@ -12,6 +12,7 @@ require_once( './admin.php' );
 require_once( './includes/default-list-tables.php' );
 $table = new WP_Posts_Table;
 $table->check_permissions();
 // Back-compat for viewing comments of an entry
 if ( $_redirect = intval( max( @$_REQUEST['p'], @$_REQUEST['attachment_id'], @$_REQUEST['page_id'] ) ) ) {
@ -118,6 +119,8 @@ if ( 'post' != $post_type ) {
 	$post_new_file = 'post-new.php';
 }
 $table->prepare_items();
 wp_enqueue_script('inline-edit-post');
 $title = $post_type_object->labels->name;
--- a/wp-admin/includes/default-list-tables.php
+++ b/wp-admin/includes/default-list-tables.php
@ -22,8 +22,8 @@ class WP_Posts_Table extends WP_List_Table {
 	 */
 	var $_hierarchical_display;
-	function WP_Posts_Table( $context = 'normal' ) {
+	function WP_Posts_Table() {
-		global $post_type_object, $post_type, $avail_post_stati, $wp_query, $per_page, $mode, $current_screen;
+		global $post_type_object, $post_type, $current_screen;
 		if ( !isset( $_REQUEST['post_type'] ) )
 			$post_type = 'post';
@ -35,16 +35,21 @@ class WP_Posts_Table extends WP_List_Table {
 		$post_type_object = get_post_type_object( $post_type );
 		if ( !current_user_can( $post_type_object->cap->edit_posts ) )
 			wp_die( __( 'Cheatin&#8217; uh?' ) );
 		parent::WP_List_Table( array(
 			'screen' => $current_screen,
 			'plural' => 'posts',
 		) );
 	}
-		if ( 'normal' != $context )
+	function check_permissions() {
-			return;
+		global $post_type_object;
 		if ( !current_user_can( $post_type_object->cap->edit_posts ) )
 			wp_die( __( 'Cheatin&#8217; uh?' ) );
 	}
 	function prepare_items() {
 		global $post_type_object, $post_type, $avail_post_stati, $wp_query, $per_page, $mode;
 		$avail_post_stati = wp_edit_posts_query();
@ -1072,34 +1077,24 @@ class WP_Posts_Table extends WP_List_Table {
 class WP_Media_Table extends WP_List_Table {
-	function WP_Media_Table( $context = 'normal' ) {
+	function WP_Media_Table() {
-		global $wpdb, $wp_query, $detached, $post_mime_types, $avail_post_mime_types;
+		global $detached;
-		if ( isset( $_REQUEST['find_detached'] ) ) {
+		$detached = isset( $_REQUEST['detached'] ) || isset( $_REQUEST['find_detached'] );
 			if ( !current_user_can( 'edit_posts' ) )
 				wp_die( __( 'You are not allowed to scan for lost attachments.' ) );
 			$lost = $wpdb->get_col( "
 				SELECT ID FROM $wpdb->posts
 				WHERE post_type = 'attachment' AND post_parent > '0'
 				AND post_parent NOT IN (
 					SELECT ID FROM $wpdb->posts
 					WHERE post_type NOT IN ( 'attachment', '" . join( "', '", get_post_types( array( 'public' => false ) ) ) . "' )
 				)
 			" );
 			$_REQUEST['detached'] = 1;
 		}
 		$detached = isset( $_REQUEST['detached'] );
 		parent::WP_List_Table( array(
 			'screen' => $detached ? 'upload-detached' : 'upload',
 			'plural' => 'media'
 		) );
 	}
-		if ( 'normal' != $context )
+	function check_permissions() {
-			return;
+		if ( !current_user_can('upload_files') )
 			wp_die( __( 'You do not have permission to upload files.' ) );
 	}		
 	function prepare_items() {
 		global $lost, $wpdb, $wp_query, $post_mime_types, $avail_post_mime_types;
 		$q = $_REQUEST;
@ -1357,7 +1352,7 @@ foreach ( $columns as $column_name => $column_display_name ) {
 <?php
 		} else {
 ?>
-			<td <?php echo $attributes ?>><?php _e( '( Unattached )' ); ?><br />
+			<td <?php echo $attributes ?>><?php _e( '(Unattached)' ); ?><br />
 			<a class="hide-if-no-js" onclick="findPosts.open( 'media[]','<?php echo $post->ID ?>' );return false;" href="#the-list"><?php _e( 'Attach' ); ?></a></td>
 <?php
 		}
@ -1502,19 +1497,10 @@ class WP_Terms_Table extends WP_List_Table {
 	var $callback_args;
-	function WP_Terms_Table( $context = 'normal' ) {
+	function WP_Terms_Table() {
 		global $post_type, $taxonomy, $tax, $current_screen;
-		parent::WP_List_Table( array(
+		wp_reset_vars( array( 'action', 'taxonomy', 'post_type' ) );
 			'screen' => $current_screen,
 			'plural' => 'tags',
 			'singular' => 'tag',
 		) );
 		if ( 'normal' != $context )
 			return;
 		wp_reset_vars( array( 'action', 'tag', 'taxonomy', 'post_type' ) );
 		if ( empty( $taxonomy ) )
 			$taxonomy = 'post_tag';
@ -1524,12 +1510,31 @@ class WP_Terms_Table extends WP_List_Table {
 		$tax = get_taxonomy( $taxonomy );
 		if ( ! current_user_can( $tax->cap->manage_terms ) )
 			wp_die( __( 'Cheatin&#8217; uh?' ) );
 		if ( empty( $post_type ) || !in_array( $post_type, get_post_types( array( 'public' => true ) ) ) )
 			$post_type = 'post';
 		if ( !isset( $current_screen ) )
 			set_current_screen( 'edit-' . $taxonomy );
 		parent::WP_List_Table( array(
 			'screen' => $current_screen,
 			'plural' => 'tags',
 			'singular' => 'tag',
 		) );
 	}
 	function check_permissions( $type = 'manage' ) {
 		global $tax;
 		$cap = 'manage' == $type ? $tax->cap->manage_terms : $tax->cap->edit_terms;
 		if ( !current_user_can( $tax->cap->manage_terms ) )
 			wp_die( __( 'Cheatin&#8217; uh?' ) );
 	}
 	function prepare_items() {
 		global $taxonomy;
 		$tags_per_page = (int) get_user_option( 'edit_' .  $taxonomy . '_per_page' );
 		if ( empty( $tags_per_page ) || $tags_per_page < 1 )
@ -1851,17 +1856,21 @@ class WP_Terms_Table extends WP_List_Table {
 class WP_Users_Table extends WP_List_Table {
-	function WP_Users_Table( $context = 'normal' ) {
+	function WP_Users_Table() {
 		global $role, $usersearch;
 		parent::WP_List_Table( array(
 			'screen' => 'users',
 			'plural' => 'users'
 		) );
 	}
-		if ( 'normal' != $context )
+	function check_permissions() {
-			return;
+		if ( !current_user_can('list_users') )
 			wp_die(__('Cheatin&#8217; uh?'));
 	}
 	function prepare_items() {
 		$usersearch = isset( $_REQUEST['s'] ) ? $_REQUEST['s'] : '';
 		$role = isset( $_REQUEST['role'] ) ? $_REQUEST['role'] : '';
@ -2089,21 +2098,25 @@ class WP_Users_Table extends WP_List_Table {
 class WP_Comments_Table extends WP_List_Table {
-	function WP_Comments_Table( $context = 'normal' ) {
+	function WP_Comments_Table() {
 		global $comments, $extra_comments, $total_comments, $post_id, $comment_status, $mode;
 		$mode = ( empty( $_REQUEST['mode'] ) ) ? 'detail' : $_REQUEST['mode'];
 		parent::WP_List_Table( array(
 			'screen' => 'edit-comments',
 			'plural' => 'comments'
 		) );
 	}
-		if ( 'normal' != $context )
+	function check_permissions() {
-			return;
+		if ( !current_user_can('edit_posts') )
 			wp_die(__('Cheatin&#8217; uh?'));
 	}
 	function prepare_items() {
 		global $comments, $extra_comments, $total_comments, $post_id, $comment_status, $mode;
 		$post_id = isset( $_REQUEST['post_ID'] ) ? absint( $_REQUEST['post_ID'] ) : 0;
 		$mode = ( empty( $_REQUEST['mode'] ) ) ? 'detail' : $_REQUEST['mode'];
 		$comment_status = isset( $_REQUEST['comment_status'] ) ? $_REQUEST['comment_status'] : 'all';
 		if ( !in_array( $comment_status, array( 'all', 'moderated', 'approved', 'spam', 'trash' ) ) )
 			$comment_status = 'all';
@ -2508,6 +2521,18 @@ class WP_Comments_Table extends WP_List_Table {
 class WP_Links_Table extends WP_List_Table {
 	function WP_Links_Table() {
 		parent::WP_List_Table( array(
 			'screen' => 'link-manager',
 			'plural' => 'bookmarks',
 		) );
 	}
 	function check_permissions() {
 		if ( ! current_user_can( 'manage_links' ) )
 			wp_die( __( 'You do not have sufficient permissions to edit the links for this site.' ) );
 	}
 	function prepare_items() {
 		global $cat_id, $s, $orderby, $order;
 		wp_reset_vars( array( 'action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'orderby', 'order', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]', 's' ) );
@ -2524,12 +2549,7 @@ class WP_Links_Table extends WP_List_Table {
 			$args['order'] = $order;
 		$this->items = get_bookmarks( $args );
-
+	}		
 		parent::WP_List_Table( array(
 			'screen' => 'link-manager',
 			'plural' => 'bookmarks',
 		) );
 	}
 	function no_items() {
 		_e( 'No links found.' );
@ -2690,15 +2710,22 @@ class WP_Links_Table extends WP_List_Table {
 class WP_Sites_Table extends WP_List_Table {
 	function WP_Sites_Table() {
 		parent::WP_List_Table( array(
 			'screen' => 'ms-sites',
 			'plural' => 'sites',
 		) );
 	}
 	function check_permissions() {		
 		if ( ! current_user_can( 'manage_sites' ) )
 			wp_die( __( 'You do not have permission to access this page.' ) );
 	}
 	function prepare_items() {
 		global $s, $mode, $wpdb;
 		$mode = ( empty( $_REQUEST['mode'] ) ) ? 'list' : $_REQUEST['mode'];
 		parent::WP_List_Table( array(
 			'callback' => 'site_rows',
 			'screen' => 'ms-sites',
 		) );
 		$pagenum = $this->get_pagenum();
 		$per_page = (int) get_user_option( 'ms_sites_per_page' );
@ -2978,13 +3005,23 @@ class WP_Sites_Table extends WP_List_Table {
 class WP_MS_Users_Table extends WP_List_Table {
 	function WP_MS_Users_Table() {
 		global $s, $mode, $wpdb;
 		$mode = ( empty( $_REQUEST['mode'] ) ) ? 'list' : $_REQUEST['mode'];
 		parent::WP_List_Table( array(
 			'screen' => 'ms-users',
 		) );
 	}
 	function check_permissions() {			
 		if ( !is_multisite() )
 			wp_die( __( 'Multisite support is not enabled.' ) );
 		if ( ! current_user_can( 'manage_network_users' ) )
 			wp_die( __( 'You do not have permission to access this page.' ) );
 	}
 	function prepare_items() {
 		global $s, $mode, $wpdb;
 		$mode = ( empty( $_REQUEST['mode'] ) ) ? 'list' : $_REQUEST['mode'];
 		$pagenum = $this->get_pagenum();
@ -3201,24 +3238,31 @@ class WP_MS_Users_Table extends WP_List_Table {
 class WP_Plugins_Table extends WP_List_Table {
 	function WP_Plugins_Table() {
 		global $status, $plugins, $totals, $page, $orderby, $order, $s;
 		parent::WP_List_Table( array(
 			'screen' => 'plugins',
 			'plural' => 'plugins',
 		) );
 	}
 	function check_permissions() {
 		if ( is_multisite() ) {
 			$menu_perms = get_site_option( 'menu_items', array() );
 			if ( empty( $menu_perms['plugins'] ) ) {
 				if ( !is_super_admin() )
 					wp_die( __( 'Cheatin&#8217; uh?' ) );
 			}
 		}
 		if ( !current_user_can('activate_plugins') )
 			wp_die( __( 'You do not have sufficient permissions to manage plugins for this site.' ) );
 	}
 	function prepare_items() {
 		global $status, $plugins, $totals, $page, $orderby, $order, $s;
 		wp_reset_vars( array( 'orderby', 'order', 's' ) );
 		$default_status = get_user_option( 'plugins_last_view' );
 		if ( empty( $default_status ) )
 			$default_status = 'all';
 		$status = isset( $_REQUEST['plugin_status'] ) ? $_REQUEST['plugin_status'] : $default_status;
 		if ( !in_array( $status, array( 'all', 'active', 'inactive', 'recently_activated', 'upgrade', 'network', 'mustuse', 'dropins', 'search' ) ) )
 			$status = 'all';
 		if ( $status != $default_status && 'search' != $status )
 			update_user_meta( get_current_user_id(), 'plugins_last_view', $status );
 		$page = $this->get_pagenum();
 		$plugins = array(
@ -3538,13 +3582,20 @@ class WP_Plugins_Table extends WP_List_Table {
 class WP_Plugin_Install_Table extends WP_List_Table {
 	function WP_Plugin_Install_Table() {
 		include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
 		global $tabs, $tab, $paged, $type, $term;
 		parent::WP_List_Table( array(
 			'screen' => 'plugin-install',
 		) );
 	}
 	function check_permissions() {
 		if ( ! current_user_can('install_plugins') )
 			wp_die(__('You do not have sufficient permissions to install plugins on this site.'));		
 	}
 	function prepare_items() {
 		include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
 		global $tabs, $tab, $paged, $type, $term;
 		wp_reset_vars( array( 'tab' ) );
@ -3743,6 +3794,17 @@ class WP_Plugin_Install_Table extends WP_List_Table {
 class WP_Themes_Table extends WP_List_Table {
 	function WP_Themes_Table() {
 		parent::__construct( array(
 			'screen' => 'themes',
 		) );
 	}
 	function check_permissions() {
 		if ( !current_user_can('switch_themes') && !current_user_can('edit_theme_options') )
 			wp_die( __( 'Cheatin&#8217; uh?' ) );
 	}
 	function prepare_items() {
 		global $ct;
 		$ct = current_theme_info();
@ -3758,10 +3820,6 @@ class WP_Themes_Table extends WP_List_Table {
 		$this->items = array_slice( $themes, $start, $per_page );
 		parent::__construct( array(
 			'screen' => 'themes',
 		) );
 		$this->set_pagination_args( array(
 			'query_var' => 'pagenum',
 			'total_items' => count( $themes ),
@ -3885,14 +3943,21 @@ foreach ( $cols as $col => $theme_name ) {
 class WP_Theme_Install_Table extends WP_List_Table {
 	function WP_Theme_Install_Table() {
 		include( ABSPATH . 'wp-admin/includes/theme-install.php' );
 		global $tabs, $tab, $paged, $type, $term, $theme_field_defaults;
 		parent::WP_List_Table( array(
 			'screen' => 'theme-install',
 		) );
 	}
 	function check_permissions() {
 		if ( ! current_user_can('install_themes') )
 			wp_die( __( 'You do not have sufficient permissions to install themes on this site.' ) );
 	}
 	function prepare_items() {
 		include( ABSPATH . 'wp-admin/includes/theme-install.php' );
 		global $tabs, $tab, $paged, $type, $term, $theme_field_defaults;		
 		wp_reset_vars( array( 'tab' ) );
 		$paged = $this->get_pagenum();
--- a/wp-admin/includes/list-table.php
+++ b/wp-admin/includes/list-table.php
@ -93,6 +93,28 @@ class WP_List_Table {
 		}
 	}
 	/**
 	 * Checks the current user's permissions
 	 * @uses wp_die()
 	 *
 	 * @since 3.1.0
 	 * @access public
 	 */
 	function check_permissions() {
 		die( 'function WP_List_Table::check_permissions() must be over-ridden in a sub-class.' );
 	}
 	/**
 	 * Prepares the list of items for displaying.
 	 * @uses WP_List_Table::set_pagination_args()
 	 *
 	 * @since 3.1.0
 	 * @access public
 	 */
 	function prepare_items() {
 		die( 'function WP_List_Table::prepare_items() must be over-ridden in a sub-class.' );
 	}
 	/**
 	 * An internal method that sets all the necessary pagination arguments
 	 *
@ -568,6 +590,9 @@ class WP_List_Table {
 	 * @access public
 	 */
 	function ajax_response() {
 		$this->check_permissions();
 		$this->prepare_items();
 		extract( $this->_args );
 		extract( $this->_pagination_args );
--- a/wp-admin/link-manager.php
+++ b/wp-admin/link-manager.php
@ -9,15 +9,17 @@
 /** Load WordPress Administration Bootstrap */
 require_once ('admin.php');
 require_once( './includes/default-list-tables.php' );
 $table = new WP_Links_Table;
 $table->check_permissions();
 // Handle bulk deletes
 if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['linkcheck'] ) ) {
 	check_admin_referer( 'bulk-bookmarks' );
 	$doaction = $_REQUEST['action'] ? $_REQUEST['action'] : $_REQUEST['action2'];
 	if ( ! current_user_can( 'manage_links' ) )
 		wp_die( __( 'You do not have sufficient permissions to edit the links for this site.' ) );
 	if ( 'delete' == $doaction ) {
 		$bulklinks = (array) $_REQUEST['linkcheck'];
 		foreach ( $bulklinks as $link_id ) {
@ -33,9 +35,7 @@ if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['linkcheck'] ) ) {
 	 exit;
 }
-require_once( './includes/default-list-tables.php' );
+$table->prepare_items();
 $table = new WP_Links_Table;
 $title = __('Links');
 $this_file = $parent_file = 'link-manager.php';
--- a/wp-admin/network/sites.php
+++ b/wp-admin/network/sites.php
@ -12,8 +12,10 @@ require_once( './admin.php' );
 if ( ! is_multisite() )
 	wp_die( __( 'Multisite support is not enabled.' ) );
-if ( ! current_user_can( 'manage_sites' ) )
+require_once( '../includes/default-list-tables.php' );
-	wp_die( __( 'You do not have permission to access this page.' ) );
+
 $table = new WP_Sites_Table;
 $table->check_permissions();
 $title = __( 'Sites' );
 $parent_file = 'sites.php';
@ -348,9 +350,7 @@ switch ( $action ) {
 	// List sites
 	case 'list':
 	default:
-		require_once( '../includes/default-list-tables.php' );
+		$table->prepare_items();
 		$table = new WP_Sites_Table;
 		require_once( '../admin-header.php' );
 		?>
--- a/wp-admin/network/users.php
+++ b/wp-admin/network/users.php
@ -9,11 +9,11 @@
 require_once( './admin.php' );
-if ( !is_multisite() )
+require_once( '../includes/default-list-tables.php' );
 	wp_die( __( 'Multisite support is not enabled.' ) );
-if ( ! current_user_can( 'manage_network_users' ) )
+$table = new WP_MS_Users_Table;
-	wp_die( __( 'You do not have permission to access this page.' ) );
+$table->check_permissions();
 $table->prepare_items();
 $title = __( 'Users' );
 $parent_file = 'users.php';
@ -32,10 +32,6 @@ add_contextual_help($current_screen,
 	'<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'
 );
 require_once( '../includes/default-list-tables.php' );
 $table = new WP_MS_Users_Table;
 require_once( '../admin-header.php' );
 if ( isset( $_REQUEST['updated'] ) && $_REQUEST['updated'] == 'true' && ! empty( $_REQUEST['action'] ) ) {
--- a/wp-admin/plugin-install.php
+++ b/wp-admin/plugin-install.php
@ -9,12 +9,11 @@
 /** WordPress Administration Bootstrap */
 require_once('./admin.php');
 if ( ! current_user_can('install_plugins') )
 	wp_die(__('You do not have sufficient permissions to install plugins on this site.'));
 require_once( './includes/default-list-tables.php' );
 $table = new WP_Plugin_Install_Table;
 $table->check_permissions();
 $table->prepare_items();
 $title = __('Install Plugins');
 $parent_file = 'plugins.php';
--- a/wp-admin/plugins.php
+++ b/wp-admin/plugins.php
@ -8,17 +8,11 @@
 /** WordPress Administration Bootstrap */
 require_once('./admin.php');
 if ( is_multisite() ) {
 	$menu_perms = get_site_option( 'menu_items', array() );
 	if ( empty( $menu_perms['plugins'] ) ) { 
 		if ( ! is_super_admin() )
 			wp_die( __( 'Cheatin&#8217; uh?' ) );
 	}
 }
-if ( ! current_user_can( 'activate_plugins' ) )
+require_once( ABSPATH . 'wp-admin/includes/default-list-tables.php' );
-	wp_die( __( 'You do not have sufficient permissions to manage plugins for this site.' ) );
+
 $table = new WP_Plugins_Table;
 $table->check_permissions();
 if ( isset($_POST['clear-recent-list']) )
 	$action = 'clear-recent-list';
@ -299,9 +293,16 @@ if ( !empty($action) ) {
 	}
 }
-require_once( ABSPATH . 'wp-admin/includes/default-list-tables.php' );
+$default_status = get_user_option( 'plugins_last_view' );
 if ( empty( $default_status ) )
 	$default_status = 'all';
 $status = isset( $_REQUEST['plugin_status'] ) ? $_REQUEST['plugin_status'] : $default_status;
 if ( !in_array( $status, array( 'all', 'active', 'inactive', 'recently_activated', 'upgrade', 'network', 'mustuse', 'dropins', 'search' ) ) )
 	$status = 'all';
 if ( $status != $default_status && 'search' != $status )
 	update_user_meta( get_current_user_id(), 'plugins_last_view', $status );
-$table = new WP_Plugins_Table;
+$table->prepare_items();
 wp_enqueue_script('plugin-install');
 add_thickbox();
--- a/wp-admin/theme-install.php
+++ b/wp-admin/theme-install.php
@ -9,12 +9,11 @@
 /** WordPress Administration Bootstrap */
 require_once('./admin.php');
 if ( ! current_user_can('install_themes') )
 	wp_die(__('You do not have sufficient permissions to install themes on this site.'));
 require_once( './includes/default-list-tables.php' );
 $table = new WP_Theme_Install_Table;
 $table->check_permissions();
 $table->prepare_items();
 $title = __('Install Themes');
 $parent_file = 'themes.php';
--- a/wp-admin/themes.php
+++ b/wp-admin/themes.php
@ -9,8 +9,10 @@
 /** WordPress Administration Bootstrap */
 require_once('./admin.php');
-if ( !current_user_can('switch_themes') && !current_user_can('edit_theme_options') )
+require_once( './includes/default-list-tables.php' );
-	wp_die( __( 'Cheatin&#8217; uh?' ) );
+
 $table = new WP_Themes_Table;
 $table->check_permissions();
 if ( current_user_can('switch_themes') && isset($_GET['action']) ) {
 	if ( 'activate' == $_GET['action'] ) {
@ -28,9 +30,7 @@ if ( current_user_can('switch_themes') && isset($_GET['action']) ) {
 	}
 }
-require_once( './includes/default-list-tables.php' );
+$table->prepare_items();
 $table = new WP_Themes_Table;
 $title = __('Manage Themes');
 $parent_file = 'themes.php';
--- a/wp-admin/upload.php
+++ b/wp-admin/upload.php
@ -9,11 +9,30 @@
 /** WordPress Administration Bootstrap */
 require_once( './admin.php' );
-if ( !current_user_can('upload_files') )
+require_once( './includes/default-list-tables.php' );
-	wp_die(__('You do not have permission to upload files.'));
+
 $table = new WP_Media_Table;
 $table->check_permissions();
 // Handle bulk actions
-if ( isset( $_REQUEST['found_post_id'] ) && isset( $_REQUEST['media'] ) ) {
+if ( isset($_REQUEST['find_detached']) ) {
 	check_admin_referer('bulk-media');
 	if ( !current_user_can('edit_posts') )
 		wp_die( __('You are not allowed to scan for lost attachments.') );
 	$lost = $wpdb->get_col( "
 		SELECT ID FROM $wpdb->posts
 		WHERE post_type = 'attachment' AND post_parent > '0'
 		AND post_parent NOT IN (
 			SELECT ID FROM $wpdb->posts
 			WHERE post_type NOT IN ( 'attachment', '" . join( "', '", get_post_types( array( 'public' => false ) ) ) . "' )
 		)
 	" );
 	$_REQUEST['detached'] = 1;
 } elseif ( isset( $_REQUEST['found_post_id'] ) && isset( $_REQUEST['media'] ) ) {
 	check_admin_referer( 'bulk-media' );
 	$parent_id = (int) $_REQUEST['found_post_id'];
@ -111,9 +130,7 @@ if ( isset( $_REQUEST['found_post_id'] ) && isset( $_REQUEST['media'] ) ) {
 	 exit;
 }
-require_once( './includes/default-list-tables.php' );
+$table->prepare_items();
 $table = new WP_Media_Table;
 $title = __('Media Library');
 $parent_file = 'upload.php';
--- a/wp-admin/users.php
+++ b/wp-admin/users.php
@ -12,8 +12,10 @@ require_once( './admin.php' );
 /** WordPress Registration API */
 require_once( ABSPATH . WPINC . '/registration.php');
-if ( !current_user_can('list_users') )
+require_once( './includes/default-list-tables.php' );
-	wp_die(__('Cheatin&#8217; uh?'));
+
 $table = new WP_Users_Table;
 $table->check_permissions();
 $title = __('Users');
 $parent_file = 'users.php';
@ -306,9 +308,7 @@ default:
 		exit;
 	}
-	require_once( './includes/default-list-tables.php' );
+	$table->prepare_items();
 	$table = new WP_Users_Table;
 	include('./admin-header.php');
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@ -2656,9 +2656,12 @@ function wp_nonce_ays( $action ) {
 * @param string|array $args Optional arguements to control behaviour.
 */
 function wp_die( $message, $title = '', $args = array() ) {
 	if ( defined( 'DOING_AJAX' ) && DOING_AJAX )
 		die('-1');
 	if ( function_exists( 'apply_filters' ) ) {
 		$function = apply_filters( 'wp_die_handler', '_default_wp_die_handler');
-	}else {
+	} else {
 		$function = '_default_wp_die_handler';
 	}