Ticket #44591: 44591-3.diff
File 44591-3.diff, 4.6 KB (added by , 3 years ago) |
---|
-
src/wp-includes/capabilities.php
73 73 break; 74 74 case 'delete_post': 75 75 case 'delete_page': 76 if ( ! isset( $args[0] ) ) { 77 _doing_it_wrong( 78 __FUNCTION__, 79 sprintf( 80 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 81 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 82 esc_html( $cap ), 83 ( ( 'delete_page' === $cap ) ? esc_html__( 'page' ) : esc_html__( 'post' ) ) 84 ), 85 '5.9.0' 86 ); 87 $caps[] = 'do_not_allow'; 88 break; 89 } 90 76 91 $post = get_post( $args[0] ); 77 92 if ( ! $post ) { 78 93 $caps[] = 'do_not_allow'; … … 146 161 // edit_others_posts. 147 162 case 'edit_post': 148 163 case 'edit_page': 164 if ( ! isset( $args[0] ) ) { 165 _doing_it_wrong( 166 __FUNCTION__, 167 sprintf( 168 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 169 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 170 esc_html( $cap ), 171 ( ( 'edit_page' === $cap ) ? esc_html__( 'page' ) : esc_html__( 'post' ) ) 172 ), 173 '5.9.0' 174 ); 175 $caps[] = 'do_not_allow'; 176 break; 177 } 178 149 179 $post = get_post( $args[0] ); 150 180 if ( ! $post ) { 151 181 $caps[] = 'do_not_allow'; … … 215 245 break; 216 246 case 'read_post': 217 247 case 'read_page': 248 if ( ! isset( $args[0] ) ) { 249 _doing_it_wrong( 250 __FUNCTION__, 251 sprintf( 252 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 253 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 254 esc_html( $cap ), 255 ( ( 'read_page' === $cap ) ? esc_html__( 'page' ) : esc_html__( 'post' ) ) 256 ), 257 '5.9.0' 258 ); 259 $caps[] = 'do_not_allow'; 260 break; 261 } 262 218 263 $post = get_post( $args[0] ); 219 264 if ( ! $post ) { 220 265 $caps[] = 'do_not_allow'; … … 268 313 } 269 314 break; 270 315 case 'publish_post': 316 if ( ! isset( $args[0] ) ) { 317 _doing_it_wrong( 318 __FUNCTION__, 319 sprintf( 320 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 321 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 322 esc_html( $cap ), 323 esc_html__( 'post' ) 324 ), 325 '5.9.0' 326 ); 327 $caps[] = 'do_not_allow'; 328 break; 329 } 330 271 331 $post = get_post( $args[0] ); 272 332 if ( ! $post ) { 273 333 $caps[] = 'do_not_allow'; … … 297 357 case 'delete_user_meta': 298 358 case 'add_user_meta': 299 359 $object_type = explode( '_', $cap )[1]; 300 $object_id = (int) $args[0];301 360 361 if ( ! isset( $args[0] ) ) { 362 _doing_it_wrong( 363 __FUNCTION__, 364 sprintf( 365 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 366 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 367 esc_html( $cap ), 368 esc_html( $object_type ) 369 ), 370 '5.9.0' 371 ); 372 $caps[] = 'do_not_allow'; 373 break; 374 } 375 376 $object_id = (int) $args[0]; 377 302 378 $object_subtype = get_object_subtype( $object_type, $object_id ); 303 379 304 380 if ( empty( $object_subtype ) ) { … … 392 468 } 393 469 break; 394 470 case 'edit_comment': 471 if ( ! isset( $args[0] ) ) { 472 _doing_it_wrong( 473 __FUNCTION__, 474 sprintf( 475 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 476 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 477 esc_html( $cap ), 478 esc_html__( 'comment' ) 479 ), 480 '5.9.0' 481 ); 482 $caps[] = 'do_not_allow'; 483 break; 484 } 485 395 486 $comment = get_comment( $args[0] ); 396 487 if ( ! $comment ) { 397 488 $caps[] = 'do_not_allow'; … … 532 623 case 'edit_term': 533 624 case 'delete_term': 534 625 case 'assign_term': 626 if ( ! isset( $args[0] ) ) { 627 _doing_it_wrong( 628 __FUNCTION__, 629 sprintf( 630 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 631 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 632 esc_html( $cap ), 633 esc_html__( 'term' ) 634 ), 635 '5.9.0' 636 ); 637 $caps[] = 'do_not_allow'; 638 break; 639 } 640 535 641 $term_id = (int) $args[0]; 536 642 $term = get_term( $term_id ); 537 643 if ( ! $term || is_wp_error( $term ) ) {