vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-06-28 22:30:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fixed admin level security problem.

Browse Source 
Plus an user -> a user


git-svn-id: https://develop.svn.wordpress.org/trunk@149 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Mike Little
2003-06-03 00:08:51 +00:00
parent 10fedfea94
commit adce403896
3 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
wp-admin/b2edit.php
View File

@@ -127,7 +127,7 @@ switch($action) {
if ($user_level > 0) {
$postdata = get_postdata($post);
$authordata = get_userdata($postdata["Author_ID"]);
if ($user_level < $authordata[13])
if ($user_level < $authordata->user_level)
die ('You don&#8217;t have the right to edit <strong>'.$authordata[1].'</strong>&#8217;s posts.');
$content = $postdata['Content'];
@@ -218,7 +218,7 @@ switch($action) {
$postdata=get_postdata($post) or die("Oops, no post with this ID. <a href=\"b2edit.php\">Go back</a> !");
$authordata = get_userdata($postdata["Author_ID"]);
if ($user_level < $authordata[13])
if ($user_level < $authordata->user_level)
die ("You don't have the right to delete <b>".$authordata[1]."</b>'s posts.");
$query = "DELETE FROM $tableposts WHERE ID=$post";