vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-06-28 22:30:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Use get_current_user() and get_current_user_id() instead of global . Props filofo. see #13934 for trunk

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@15315 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren
2010-06-24 15:01:29 +00:00
parent 3cd056320a
commit 494ee995b5
11 changed files with 56 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
wp-admin/includes/user.php
View File

@@ -21,13 +21,13 @@
*/
function add_user() {
if ( func_num_args() ) { // The hackiest hack that ever did hack
global $current_user, $wp_roles;
global $wp_roles;
$user_id = (int) func_get_arg( 0 );
if ( isset( $_POST['role'] ) ) {
$new_role = sanitize_text_field( $_POST['role'] );
// Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
if ( $user_id != $current_user->id || $wp_roles->role_objects[$new_role]->has_cap( 'edit_users' ) ) {
if ( $user_id != get_current_user_id() || $wp_roles->role_objects[$new_role]->has_cap( 'edit_users' ) ) {
// If the new role isn't editable by the logged-in user die with error
$editable_roles = get_editable_roles();
if ( empty( $editable_roles[$new_role] ) )
@@ -54,7 +54,7 @@ function add_user() {
* @return int user id of the updated user
*/
function edit_user( $user_id = 0 ) {
global $current_user, $wp_roles, $wpdb;
global $wp_roles, $wpdb;
if ( $user_id != 0 ) {
$update = true;
$user->ID = (int) $user_id;
@@ -79,7 +79,7 @@ function edit_user( $user_id = 0 ) {
$potential_role = isset($wp_roles->role_objects[$new_role]) ? $wp_roles->role_objects[$new_role] : false;
// Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
// Multisite super admins can freely edit their blog roles -- they possess all caps.
if ( ( is_multisite() && current_user_can( 'manage_sites' ) ) || $user_id != $current_user->id || ($potential_role && $potential_role->has_cap( 'edit_users' ) ) )
if ( ( is_multisite() && current_user_can( 'manage_sites' ) ) || $user_id != get_current_user_id() || ($potential_role && $potential_role->has_cap( 'edit_users' ) ) )
$user->role = $new_role;
// If the new role isn't editable by the logged-in user die with error