mirror of
https://github.com/gosticks/wordpress-develop.git
synced 2026-07-01 15:50:09 +00:00
Use meta caps edit_post, read_post, and delete_post directly, rather than consulting the post type object. map_meta_cap() handles that for us. props markjaquith, kovshenin. fixes #23226.
git-svn-id: https://develop.svn.wordpress.org/trunk@24593 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
@@ -47,8 +47,7 @@ if ( isset($_REQUEST['attachment_id']) && ($id = intval($_REQUEST['attachment_id
|
||||
$post = get_post( $id );
|
||||
if ( 'attachment' != $post->post_type )
|
||||
wp_die( __( 'Unknown post type.' ) );
|
||||
$post_type_object = get_post_type_object( 'attachment' );
|
||||
if ( ! current_user_can( $post_type_object->cap->edit_post, $id ) )
|
||||
if ( ! current_user_can( 'edit_post', $id ) )
|
||||
wp_die( __( 'You are not allowed to edit this item.' ) );
|
||||
|
||||
switch ( $_REQUEST['fetch'] ) {
|
||||
|
||||
Reference in New Issue
Block a user