Permalink
Browse files

Add some CYA cap checks.

git-svn-id: http://svn.automattic.com/wordpress/branches/2.8@11766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  • Loading branch information...
1 parent 57dad41 commit b3458cc79c6111df7705f0318158b40abc8a473f ryan committed Aug 2, 2009
Showing with 9 additions and 0 deletions.
  1. +3 −0 wp-admin/edit-comments.php
  2. +3 −0 wp-admin/edit-pages.php
  3. +3 −0 wp-admin/edit.php
@@ -9,6 +9,9 @@
/** WordPress Administration Bootstrap */
require_once('admin.php');
+if ( !current_user_can('edit_posts') )
+ wp_die(__('Cheatin’ uh?'));
+
wp_enqueue_script('admin-comments');
enqueue_comment_hotkeys_js();
View
@@ -9,6 +9,9 @@
/** WordPress Administration Bootstrap */
require_once('admin.php');
+if ( !current_user_can('edit_pages') )
+ wp_die(__('Cheatin’ uh?'));
+
// Handle bulk actions
if ( isset($_GET['action']) && ( -1 != $_GET['action'] || -1 != $_GET['action2'] ) ) {
$doaction = ( -1 != $_GET['action'] ) ? $_GET['action'] : $_GET['action2'];
View
@@ -9,6 +9,9 @@
/** WordPress Administration Bootstrap */
require_once('admin.php');
+if ( !current_user_can('edit_posts') )
+ wp_die(__('Cheatin’ uh?'));
+
// Back-compat for viewing comments of an entry
if ( $_redirect = intval( max( @$_GET['p'], @$_GET['attachment_id'], @$_GET['page_id'] ) ) ) {
wp_redirect( admin_url('edit-comments.php?p=' . $_redirect ) );

0 comments on commit b3458cc

Please sign in to comment.