Ticket #33679: 33679.diff
File 33679.diff, 1.6 KB (added by , 9 years ago) |
---|
-
src/wp-admin/users.php
10 10 require_once( dirname( __FILE__ ) . '/admin.php' ); 11 11 12 12 if ( ! current_user_can( 'list_users' ) ) 13 wp_die( __( 'Cheatin’ uh?' ), 403 ); 13 wp_die( 14 '<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' . 15 '<p>' . __( 'You are not allowed to browse users.' ) . '</p>', 16 403 ); 14 17 15 18 $wp_list_table = _get_list_table('WP_Users_List_Table'); 16 19 $pagenum = $wp_list_table->get_pagenum(); … … 127 130 } 128 131 129 132 // If the user doesn't already belong to the blog, bail. 130 if ( is_multisite() && !is_user_member_of_blog( $id ) ) 131 wp_die( __( 'Cheatin’ uh?' ), 403 ); 133 if ( is_multisite() && !is_user_member_of_blog( $id ) ) { 134 wp_die( 135 '<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' . 136 '<p>' . __( 'One of the selected users in not a member of this site.' ) . '</p>', 137 403 ); 138 } 132 139 133 140 $user = get_userdata( $id ); 134 141 $user->set_role($_REQUEST['new_role']); -
src/wp-includes/class-wp-xmlrpc-server.php
2411 2411 do_action( 'xmlrpc_call', 'wp.getUsers' ); 2412 2412 2413 2413 if ( ! current_user_can( 'list_users' ) ) 2414 return new IXR_Error( 401, __( ' Sorry, you cannot listusers.' ) );2414 return new IXR_Error( 401, __( 'You are not allowed to browse users.' ) ); 2415 2415 2416 2416 $query = array( 'fields' => 'all_with_meta' ); 2417 2417