Provide more helpful feedback than just "Cheatin' uh?" for permission errors in `wp-admin/users.php`.
props ericlewis, kraftbj, lukecarbis, mrmist. fixes #33679. see #14530. Built from https://develop.svn.wordpress.org/trunk@33885 git-svn-id: http://core.svn.wordpress.org/trunk@33854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
b4fbbf53cf
commit
ce05b02a59
|
@ -9,8 +9,13 @@
|
||||||
/** WordPress Administration Bootstrap */
|
/** WordPress Administration Bootstrap */
|
||||||
require_once( dirname( __FILE__ ) . '/admin.php' );
|
require_once( dirname( __FILE__ ) . '/admin.php' );
|
||||||
|
|
||||||
if ( ! current_user_can( 'list_users' ) )
|
if ( ! current_user_can( 'list_users' ) ) {
|
||||||
wp_die( __( 'Cheatin’ uh?' ), 403 );
|
wp_die(
|
||||||
|
'<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' .
|
||||||
|
'<p>' . __( 'You are not allowed to browse users.' ) . '</p>',
|
||||||
|
403
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
$wp_list_table = _get_list_table('WP_Users_List_Table');
|
$wp_list_table = _get_list_table('WP_Users_List_Table');
|
||||||
$pagenum = $wp_list_table->get_pagenum();
|
$pagenum = $wp_list_table->get_pagenum();
|
||||||
|
@ -127,8 +132,13 @@ case 'promote':
|
||||||
}
|
}
|
||||||
|
|
||||||
// If the user doesn't already belong to the blog, bail.
|
// If the user doesn't already belong to the blog, bail.
|
||||||
if ( is_multisite() && !is_user_member_of_blog( $id ) )
|
if ( is_multisite() && !is_user_member_of_blog( $id ) ) {
|
||||||
wp_die( __( 'Cheatin’ uh?' ), 403 );
|
wp_die(
|
||||||
|
'<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' .
|
||||||
|
'<p>' . __( 'One of the selected users in not a member of this site.' ) . '</p>',
|
||||||
|
403
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
$user = get_userdata( $id );
|
$user = get_userdata( $id );
|
||||||
$user->set_role($_REQUEST['new_role']);
|
$user->set_role($_REQUEST['new_role']);
|
||||||
|
|
|
@ -2411,7 +2411,7 @@ class wp_xmlrpc_server extends IXR_Server {
|
||||||
do_action( 'xmlrpc_call', 'wp.getUsers' );
|
do_action( 'xmlrpc_call', 'wp.getUsers' );
|
||||||
|
|
||||||
if ( ! current_user_can( 'list_users' ) )
|
if ( ! current_user_can( 'list_users' ) )
|
||||||
return new IXR_Error( 401, __( 'Sorry, you cannot list users.' ) );
|
return new IXR_Error( 401, __( 'You are not allowed to browse users.' ) );
|
||||||
|
|
||||||
$query = array( 'fields' => 'all_with_meta' );
|
$query = array( 'fields' => 'all_with_meta' );
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
*
|
*
|
||||||
* @global string $wp_version
|
* @global string $wp_version
|
||||||
*/
|
*/
|
||||||
$wp_version = '4.4-alpha-33884';
|
$wp_version = '4.4-alpha-33885';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||||
|
|
Loading…
Reference in New Issue