
Ticket #37492: 37492.patch

File 37492.patch, 12.5 KB (added by ramiy, 8 years ago)
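--- a/wp-admin/customize.php
+++ b/wp-admin/customize.php
@@ -13,11 +13,7 @@
 require_once( dirname( __FILE__ ) . '/admin.php' );
 
 if ( ! current_user_can( 'customize' ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to customize this site.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to customize this site.' ), 403 );
 }
 
 wp_reset_vars( array( 'url', 'return', 'autofocus' ) );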
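Review bot: The replacement call on new line 16 passes the raw result of `__()` to `wp_die()`, whose default handler prints the message as HTML, so any markup carried in a translation file would reach the 403 page unescaped. With the `<h1>`/`<p>` wrapper gone the message is plain text and can be escaped at the call site: `wp_die( esc_html__( 'Sorry, you are not allowed to customize this site.' ), 403 );`. The same one-line form is used in every other file section of this patch (edit-comments.php through widgets.php), so the change would apply there as well.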
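--- a/wp-admin/edit-comments.php
+++ b/wp-admin/edit-comments.php
@@ -9,11 +9,7 @@
 /** WordPress Administration Bootstrap */
 require_once( dirname( __FILE__ ) . '/admin.php' );
 if ( ! current_user_can( 'edit_posts' ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to edit comments.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to edit comments.' ), 403 );
 }
 
 $wp_list_table = _get_list_table('WP_Comments_List_Table');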
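--- a/wp-admin/edit-tags.php
+++ b/wp-admin/edit-tags.php
@@ -18,15 +18,11 @@
         wp_die( __( 'Invalid taxonomy.' ) );
 
 if ( ! in_array( $tax->name, get_taxonomies( array( 'show_ui' => true ) ) ) ) {
-   wp_die( __( 'Sorry, you are not allowed to manage these items.' ) );
+        wp_die( __( 'Sorry, you are not allowed to manage these items.' ) );
 }
 
 if ( ! current_user_can( $tax->cap->manage_terms ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to manage these items.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to manage these items.' ), 403 );
 }
 
 /**
@@ -69,11 +65,7 @@
         check_admin_referer( 'add-tag', '_wpnonce_add-tag' );
 
         if ( ! current_user_can( $tax->cap->edit_terms ) ) {
-                wp_die(
-                        '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                        '<p>' . __( 'Sorry, you are not allowed to add this item.' ) . '</p>',
-                        403
-                );
+                wp_die( __( 'Sorry, you are not allowed to add this item.' ), 403 );
         }
 
         $ret = wp_insert_term( $_POST['tag-name'], $taxonomy, $_POST );
@@ -109,11 +101,7 @@
         check_admin_referer( 'delete-tag_' . $tag_ID );
 
         if ( ! current_user_can( $tax->cap->delete_terms ) ) {
-                wp_die(
-                        '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                        '<p>' . __( 'Sorry, you are not allowed to delete this item.' ) . '</p>',
-                        403
-                );
+                wp_die( __( 'Sorry, you are not allowed to delete this item.' ), 403 );
         }
 
         wp_delete_term( $tag_ID, $taxonomy );
@@ -126,11 +114,7 @@
         check_admin_referer( 'bulk-tags' );
 
         if ( ! current_user_can( $tax->cap->delete_terms ) ) {
-                wp_die(
-                        '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                        '<p>' . __( 'Sorry, you are not allowed to delete these items.' ) . '</p>',
-                        403
-                );
+                wp_die( __( 'Sorry, you are not allowed to delete these items.' ), 403 );
         }
 
         $tags = (array) $_REQUEST['delete_tags'];
@@ -169,11 +153,7 @@
         check_admin_referer( 'update-tag_' . $tag_ID );
 
         if ( ! current_user_can( $tax->cap->edit_terms ) ) {
-                wp_die(
-                        '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                        '<p>' . __( 'Sorry, you are not allowed to edit this item.' ) . '</p>',
-                        403
-                );
+                wp_die( __( 'Sorry, you are not allowed to edit this item.' ), 403 );
         }
 
         $tag = get_term( $tag_ID, $taxonomy );
@@ -295,11 +275,7 @@
 require_once( ABSPATH . 'wp-admin/admin-header.php' );
 
 if ( ! current_user_can( $tax->cap->edit_terms ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to edit this item.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to edit this item.' ), 403 );
 }
 
 /** Also used by the Edit Tag  form */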
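Review bot: In the first hunk, the re-indented `wp_die()` on new line 21 (the `show_ui` taxonomy check) still passes no status code, so this denial is sent with wp_die()'s default response code rather than the 403 used by the capability check on new line 25 and by every other call in the patch. Since the line is already being touched, it could become `wp_die( __( 'Sorry, you are not allowed to manage these items.' ), 403 );`. A consistent 403 lets access logs and monitoring tell an authorization refusal apart from a server-side failure. The equivalent `show_ui` test in term.php is already folded into the 403 branch.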
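--- a/wp-admin/edit.php
+++ b/wp-admin/edit.php
@@ -35,11 +35,7 @@
         wp_die( __( 'Invalid post type.' ) );
 
 if ( ! current_user_can( $post_type_object->cap->edit_posts ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to edit posts in this post type.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to edit posts in this post type.' ), 403 );
 }
 
 $wp_list_table = _get_list_table('WP_Posts_List_Table');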
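--- a/wp-admin/includes/bookmark.php
+++ b/wp-admin/includes/bookmark.php
@@ -27,11 +27,7 @@
  */
 function edit_link( $link_id = 0 ) {
         if ( ! current_user_can( 'manage_links' ) ) {
-                wp_die(
-                        '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                        '<p>' . __( 'Sorry, you are not allowed to edit the links for this site.' ) . '</p>',
-                        403
-                );
+                wp_die( __( 'Sorry, you are not allowed to edit the links for this site.' ), 403 );
         }
 
         $_POST['link_url'] = esc_html( $_POST['link_url'] );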
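--- a/wp-admin/media-upload.php
+++ b/wp-admin/media-upload.php
@@ -41,11 +41,7 @@
 }
 
 if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post' , $_REQUEST['post_id'] ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to edit this item.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to edit this item.' ), 403 );
 }
 
 // Upload type: image, video, file, ..?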
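--- a/wp-admin/nav-menus.php
+++ b/wp-admin/nav-menus.php
@@ -20,11 +20,7 @@
 
 // Permissions Check
 if ( ! current_user_can( 'edit_theme_options' ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to edit theme options on this site.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to edit theme options on this site.' ), 403 );
 }
 
 wp_enqueue_script( 'nav-menu' );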
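--- a/wp-admin/options.php
+++ b/wp-admin/options.php
@@ -45,11 +45,7 @@
 }
 
 if ( ! current_user_can( $capability ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to manage these items.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to manage these items.' ), 403 );
 }
 
 // Handle admin email change requests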
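--- a/wp-admin/post-new.php
+++ b/wp-admin/post-new.php
@@ -55,11 +55,7 @@
 $editing = true;
 
 if ( ! current_user_can( $post_type_object->cap->edit_posts ) || ! current_user_can( $post_type_object->cap->create_posts ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to create posts as this user.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to create posts as this user.' ), 403 );
 }
 
 // Schedule auto-draft cleanup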
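--- a/wp-admin/press-this.php
+++ b/wp-admin/press-this.php
@@ -12,11 +12,7 @@
 require_once( dirname( __FILE__ ) . '/admin.php' );
 
 if ( ! current_user_can( 'edit_posts' ) || ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to create posts as this user.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to create posts as this user.' ), 403 );
 }
 
 /**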
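--- a/wp-admin/term.php
+++ b/wp-admin/term.php
@@ -33,11 +33,7 @@
 if ( ! in_array( $taxonomy, get_taxonomies( array( 'show_ui' => true ) ) ) ||
      ! current_user_can( $tax->cap->manage_terms )
 ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to manage this item.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to manage this item.' ), 403 );
 }
 
 $post_type = get_current_screen()->post_type;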
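--- a/wp-admin/themes.php
+++ b/wp-admin/themes.php
@@ -10,11 +10,7 @@
 require_once( dirname( __FILE__ ) . '/admin.php' );
 
 if ( ! current_user_can( 'switch_themes' ) && ! current_user_can( 'edit_theme_options' ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to edit theme options on this site.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to edit theme options on this site.' ), 403 );
 }
 
 if ( current_user_can( 'switch_themes' ) && isset($_GET['action'] ) ) {
@@ -38,11 +34,7 @@
                 $theme = wp_get_theme( $_GET['stylesheet'] );
 
                 if ( ! current_user_can( 'delete_themes' ) ) {
-                        wp_die(
-                                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                                '<p>' . __( 'Sorry, you are not allowed to delete this item.' ) . '</p>',
-                                403
-                        );
+                        wp_die( __( 'Sorry, you are not allowed to delete this item.' ), 403 );
                 }
 
                 if ( ! $theme->exists() ) {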
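--- a/wp-admin/user-new.php
+++ b/wp-admin/user-new.php
@@ -11,18 +11,10 @@
 
 if ( is_multisite() ) {
         if ( ! current_user_can( 'create_users' ) && ! current_user_can( 'promote_users' ) ) {
-                wp_die(
-                        '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                        '<p>' . __( 'Sorry, you are not allowed to add users to this network.' ) . '</p>',
-                        403
-                );
+                wp_die( __( 'Sorry, you are not allowed to add users to this network.' ), 403 );
         }
 } elseif ( ! current_user_can( 'create_users' ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to create users.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to create users.' ), 403 );
 }
 
 if ( is_multisite() ) {
@@ -51,11 +43,7 @@
         }
 
         if ( ! current_user_can( 'promote_user', $user_details->ID ) ) {
-                wp_die(
-                        '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                        '<p>' . __( 'Sorry, you are not allowed to add users to this network.' ) . '</p>',
-                        403
-                );
+                wp_die( __( 'Sorry, you are not allowed to add users to this network.' ), 403 );
         }
 
         // Adding an existing user to this blog
@@ -105,11 +93,7 @@
         check_admin_referer( 'create-user', '_wpnonce_create-user' );
 
         if ( ! current_user_can( 'create_users' ) ) {
-                wp_die(
-                        '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                        '<p>' . __( 'Sorry, you are not allowed to create users.' ) . '</p>',
-                        403
-                );
+                wp_die( __( 'Sorry, you are not allowed to create users.' ), 403 );
         }
 
         if ( ! is_multisite() ) {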
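--- a/wp-admin/users.php
+++ b/wp-admin/users.php
@@ -11,11 +11,7 @@
 require_once( dirname( __FILE__ ) . '/admin.php' );
 
 if ( ! current_user_can( 'list_users' ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to browse users.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to browse users.' ), 403 );
 }
 
 $wp_list_table = _get_list_table('WP_Users_List_Table');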
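--- a/wp-admin/widgets.php
+++ b/wp-admin/widgets.php
@@ -13,11 +13,7 @@
 require_once(ABSPATH . 'wp-admin/includes/widgets.php');
 
 if ( ! current_user_can( 'edit_theme_options' ) ) {
-        wp_die(
-                '<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
-                '<p>' . __( 'Sorry, you are not allowed to edit theme options on this site.' ) . '</p>',
-                403
-        );
+        wp_die( __( 'Sorry, you are not allowed to edit theme options on this site.' ), 403 );
 }
 
 $widgets_access = get_user_setting( 'widgets_access' );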