Ticket #44591: 44591.diff
File 44591.diff, 4.6 KB (added by , 4 years ago) |
---|
-
src/wp-includes/capabilities.php
67 67 break; 68 68 case 'delete_post': 69 69 case 'delete_page': 70 if ( ! isset( $args[0] ) ) { 71 _doing_it_wrong( 72 __FUNCTION__, 73 sprintf( 74 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 75 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 76 esc_html( $cap ), 77 ( 'delete_page' === $cap ? esc_html__( 'page' ) : esc_html__( 'post' ) ) 78 ), 79 '5.6.0' 80 ); 81 $caps[] = 'do_not_allow'; 82 break; 83 } 84 70 85 $post = get_post( $args[0] ); 71 86 if ( ! $post ) { 72 87 $caps[] = 'do_not_allow'; … … 140 155 // edit_others_posts. 141 156 case 'edit_post': 142 157 case 'edit_page': 158 if ( ! isset( $args[0] ) ) { 159 _doing_it_wrong( 160 __FUNCTION__, 161 sprintf( 162 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 163 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 164 esc_html( $cap ), 165 ( 'edit_page' === $cap ? esc_html__( 'page' ) : esc_html__( 'post' ) ) 166 ), 167 '5.6.0' 168 ); 169 $caps[] = 'do_not_allow'; 170 break; 171 } 172 143 173 $post = get_post( $args[0] ); 144 174 if ( ! $post ) { 145 175 $caps[] = 'do_not_allow'; … … 209 239 break; 210 240 case 'read_post': 211 241 case 'read_page': 242 if ( ! isset( $args[0] ) ) { 243 _doing_it_wrong( 244 __FUNCTION__, 245 sprintf( 246 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 247 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 248 esc_html( $cap ), 249 ( 'read_page' === $cap ? esc_html__( 'page' ) : esc_html__( 'post' ) ) 250 ), 251 '5.6.0' 252 ); 253 $caps[] = 'do_not_allow'; 254 break; 255 } 256 212 257 $post = get_post( $args[0] ); 213 258 if ( ! $post ) { 214 259 $caps[] = 'do_not_allow'; … … 262 307 } 263 308 break; 264 309 case 'publish_post': 310 if ( ! isset( $args[0] ) ) { 311 _doing_it_wrong( 312 __FUNCTION__, 313 sprintf( 314 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 315 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 316 esc_html( $cap ), 317 esc_html__( 'post' ) 318 ), 319 '5.6.0' 320 ); 321 $caps[] = 'do_not_allow'; 322 break; 323 } 324 265 325 $post = get_post( $args[0] ); 266 326 if ( ! $post ) { 267 327 $caps[] = 'do_not_allow'; … … 291 351 case 'delete_user_meta': 292 352 case 'add_user_meta': 293 353 $object_type = explode( '_', $cap )[1]; 294 $object_id = (int) $args[0];295 354 355 if ( ! isset( $args[0] ) ) { 356 _doing_it_wrong( 357 __FUNCTION__, 358 sprintf( 359 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 360 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 361 esc_html( $cap ), 362 esc_html( $object_type ) 363 ), 364 '5.6.0' 365 ); 366 $caps[] = 'do_not_allow'; 367 break; 368 } 369 370 $object_id = (int) $args[0]; 371 296 372 $object_subtype = get_object_subtype( $object_type, $object_id ); 297 373 298 374 if ( empty( $object_subtype ) ) { … … 386 462 } 387 463 break; 388 464 case 'edit_comment': 465 if ( ! isset( $args[0] ) ) { 466 _doing_it_wrong( 467 __FUNCTION__, 468 sprintf( 469 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 470 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 471 esc_html( $cap ), 472 esc_html__( 'comment' ) 473 ), 474 '5.6.0' 475 ); 476 $caps[] = 'do_not_allow'; 477 break; 478 } 479 389 480 $comment = get_comment( $args[0] ); 390 481 if ( ! $comment ) { 391 482 $caps[] = 'do_not_allow'; … … 526 617 case 'edit_term': 527 618 case 'delete_term': 528 619 case 'assign_term': 620 if ( ! isset( $args[0] ) ) { 621 _doing_it_wrong( 622 __FUNCTION__, 623 sprintf( 624 /* translators: 1: Capability name. 2: Type of content, such as "post" or "comment". */ 625 esc_html__( 'When checking for the "%1$s" capability, you must always check it against a specific %2$s.' ), 626 esc_html( $cap ), 627 esc_html__( 'term' ) 628 ), 629 '5.6.0' 630 ); 631 $caps[] = 'do_not_allow'; 632 break; 633 } 634 529 635 $term_id = (int) $args[0]; 530 636 $term = get_term( $term_id ); 531 637 if ( ! $term || is_wp_error( $term ) ) {