IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
|
|
|
|
| 373 | 373 | if ( ! empty( $args['plugin'] ) ) { |
| 374 | 374 | $plugin = $args['plugin']; |
| 375 | 375 | |
| 376 | | if ( ! current_user_can( 'edit_plugins' ) ) { |
| 377 | | return new WP_Error( 'unauthorized', __( 'Sorry, you are not allowed to edit plugins for this site.' ) ); |
| | 376 | if ( ! current_user_can( 'edit_plugin', $plugin ) ) { |
| | 377 | return new WP_Error( 'unauthorized', __( 'Sorry, you are not allowed to edit this plugin.' ) ); |
| 378 | 378 | } |
| 379 | 379 | |
| 380 | 380 | if ( ! wp_verify_nonce( $args['nonce'], 'edit-plugin_' . $file ) ) { |
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
|
|
|
|
| 14 | 14 | exit(); |
| 15 | 15 | } |
| 16 | 16 | |
| 17 | | if ( ! current_user_can( 'edit_plugins' ) ) { |
| 18 | | wp_die( __( 'Sorry, you are not allowed to edit plugins for this site.' ) ); |
| | 17 | $file = ( isset( $_REQUEST['file'] ) ) ? wp_unslash( $_REQUEST['file'] ) : ''; |
| | 18 | $plugin = isset( $_REQUEST['plugin'] ) ? wp_unslash( sanitize_text_field( $_REQUEST['plugin'] ) ) : ''; |
| | 19 | |
| | 20 | if ( ! current_user_can( 'edit_plugin', $plugin) ) { |
| | 21 | if( empty( $plugin ) ) |
| | 22 | wp_die( __( 'Sorry, you are not allowed to edit plugins for this site.' ) ); |
| | 23 | else |
| | 24 | wp_die( __( 'Sorry, you are not allowed to edit this plugin.' ) ); |
| 19 | 25 | } |
| 20 | 26 | |
| 21 | 27 | $title = __( 'Edit Plugins' ); |
| … |
… |
|
| 35 | 41 | exit; |
| 36 | 42 | } |
| 37 | 43 | |
| 38 | | $file = ''; |
| 39 | | $plugin = ''; |
| 40 | | if ( isset( $_REQUEST['file'] ) ) { |
| 41 | | $file = wp_unslash( $_REQUEST['file'] ); |
| 42 | | } |
| 43 | | |
| 44 | | if ( isset( $_REQUEST['plugin'] ) ) { |
| 45 | | $plugin = wp_unslash( $_REQUEST['plugin'] ); |
| 46 | | } |
| 47 | | |
| 48 | 44 | if ( empty( $plugin ) ) { |
| 49 | 45 | if ( $file ) { |
| 50 | 46 | |
| … |
… |
|
| 219 | 215 | <select name="plugin" id="plugin"> |
| 220 | 216 | <?php |
| 221 | 217 | foreach ( $plugins as $plugin_key => $a_plugin ) { |
| | 218 | |
| | 219 | if( ! current_user_can( 'edit_plugin', $plugin_key) ) |
| | 220 | continue; |
| | 221 | |
| 222 | 222 | $plugin_name = $a_plugin['Name']; |
| 223 | 223 | if ( $plugin_key == $plugin ) { |
| 224 | 224 | $selected = " selected='selected'"; |
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
|
|
|
|
| 402 | 402 | break; |
| 403 | 403 | case 'edit_files': |
| 404 | 404 | case 'edit_plugins': |
| | 405 | case 'edit_plugin': |
| 405 | 406 | case 'edit_themes': |
| 406 | 407 | // Disallow the file editors. |
| 407 | 408 | if ( defined( 'DISALLOW_FILE_EDIT' ) && DISALLOW_FILE_EDIT ) { |
| … |
… |
|
| 411 | 412 | } elseif ( is_multisite() && ! is_super_admin( $user_id ) ) { |
| 412 | 413 | $caps[] = 'do_not_allow'; |
| 413 | 414 | } else { |
| 414 | | $caps[] = |
| | 415 | $caps[] = ( $cap == 'edit_plugin' ) ? 'edit_plugins' : $cap; |
| 415 | 416 | } |
| 416 | 417 | break; |
| 417 | 418 | case 'update_plugins': |