WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
02/10/2010 04:49:16 PM (15 years ago)
Author:
ryan
Message:

Use switch_themes instead of edit_themes so that non super admins on multisite installs can customize headers and backgrounds. Add CYA cap checks.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/wp-admin/custom-background.php

    r13041 r13043  
    5353     */
    5454    function init() {
     55        if ( ! current_user_can('switch_themes') )
     56            return;
     57
    5558        $page = add_theme_page(__('Custom Background'), __('Custom Background'), 'switch_themes', 'custom-background', array(&$this, 'admin_page'));
    5659
     
    8487     */
    8588    function take_action() {
     89        if ( ! current_user_can('switch_themes') )
     90            return;
     91
    8692        if ( isset($_POST['reset-background']) ) {
    8793            check_admin_referer('custom-background');
     
    235241     */
    236242    function admin_page() {
     243        if ( ! current_user_can('switch_themes') )
     244            wp_die(__('You do not have permission to customize the background.'));
    237245        $step = $this->step();
    238246        if ( 1 == $step )
Note: See TracChangeset for help on using the changeset viewer.