WordPress.org

Make WordPress Core

Ticket #33763: 33763.2.diff

File 33763.2.diff, 1.1 KB (added by swissspidy, 5 years ago)
  • src/wp-admin/edit.php

    diff --git src/wp-admin/edit.php src/wp-admin/edit.php
    index 782b61d..86c65cb 100644
     
    99/** WordPress Administration Bootstrap */
    1010require_once( dirname( __FILE__ ) . '/admin.php' );
    1111
    12 if ( ! $typenow )
     12if ( ! $typenow ) {
    1313        wp_die( __( 'Invalid post type' ) );
     14}
     15
     16if ( ! in_array( $typenow, get_post_types( array( 'show_ui' => true ) ) ) ) {
     17        wp_die( __( 'You are not allowed to edit posts in this post type.' ) );
     18}
    1419
    1520if ( 'attachment' === $typenow ) {
    1621        if ( wp_redirect( admin_url( 'upload.php' ) ) ) {
  • src/wp-admin/post.php

    diff --git src/wp-admin/post.php src/wp-admin/post.php
    index 2fcef19..ba43eb1 100644
    case 'edit': 
    109109        if ( ! $post_type_object )
    110110                wp_die( __( 'Unknown post type.' ) );
    111111
     112        if ( ! in_array( $typenow, get_post_types( array( 'show_ui' => true ) ) ) ) {
     113                wp_die( __( 'You are not allowed to edit posts in this post type.' ) );
     114        }
     115
    112116        if ( ! current_user_can( 'edit_post', $post_id ) )
    113117                wp_die( __( 'You are not allowed to edit this item.' ) );
    114118