Changeset 13301 for trunk/wp-admin/ms-edit.php
- Timestamp:
- 02/22/2010 06:41:38 PM (15 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/ms-edit.php
r13297 r13301 4 4 if ( !is_multisite() ) 5 5 wp_die( __('Multisite support is not enabled.') ); 6 7 if ( !is_super_admin() )8 wp_die( __('You do not have permission to access this page.') );9 6 10 7 do_action('wpmuadminedit', ''); … … 21 18 case "siteoptions": 22 19 check_admin_referer('siteoptions'); 20 if ( ! current_user_can( 'manage_network_options' ) ) 21 wp_die( __('You do not have permission to access this page.') ); 22 23 23 if ( empty( $_POST ) ) 24 24 wp_die( __("You probably need to go back to the <a href='ms-options.php'>options page</a>") ); … … 138 138 check_admin_referer('add-blog'); 139 139 140 if ( ! current_user_can( 'manage_sites' ) ) 141 wp_die( __('You do not have permission to access this page.') ); 142 140 143 if ( is_array( $_POST[ 'blog' ] ) == false ) 141 144 wp_die( "Can't create an empty blog." ); … … 188 191 case "updateblog": 189 192 check_admin_referer('editblog'); 193 if ( ! current_user_can( 'manage_sites' ) ) 194 wp_die( __('You do not have permission to access this page.') ); 195 190 196 if ( empty( $_POST ) ) 191 197 wp_die( __('You probably need to go back to the <a href="ms-sites.php">sites page</a>') ); … … 289 295 case "deleteblog": 290 296 check_admin_referer('deleteblog'); 297 if ( ! current_user_can( 'manage_sites' ) ) 298 wp_die( __('You do not have permission to access this page.') ); 299 291 300 if ( $id != '0' && $id != $current_site->blog_id ) 292 301 wpmu_delete_blog( $id, true ); … … 298 307 case "allblogs": 299 308 check_admin_referer('allblogs'); 309 if ( ! current_user_can( 'manage_sites' ) ) 310 wp_die( __('You do not have permission to access this page.') ); 311 300 312 foreach ( (array) $_POST[ 'allblogs' ] as $key => $val ) { 301 313 if ( $val != '0' && $val != $current_site->blog_id ) { … … 321 333 case "archiveblog": 322 334 check_admin_referer('archiveblog'); 335 if ( ! current_user_can( 'manage_sites' ) ) 336 wp_die( __('You do not have permission to access this page.') ); 337 323 338 update_blog_status( $id, "archived", '1' ); 324 339 do_action( "archive_blog", $id ); … … 329 344 case "unarchiveblog": 330 345 check_admin_referer('unarchiveblog'); 346 if ( ! current_user_can( 'manage_sites' ) ) 347 wp_die( __('You do not have permission to access this page.') ); 348 331 349 do_action( "unarchive_blog", $id ); 332 350 update_blog_status( $id, "archived", '0' ); … … 337 355 case "activateblog": 338 356 check_admin_referer('activateblog'); 357 if ( ! current_user_can( 'manage_sites' ) ) 358 wp_die( __('You do not have permission to access this page.') ); 359 339 360 update_blog_status( $id, "deleted", '0' ); 340 361 do_action( "activate_blog", $id ); … … 345 366 case "deactivateblog": 346 367 check_admin_referer('deactivateblog'); 368 if ( ! current_user_can( 'manage_sites' ) ) 369 wp_die( __('You do not have permission to access this page.') ); 370 347 371 do_action( "deactivate_blog", $id ); 348 372 update_blog_status( $id, "deleted", '1' ); … … 353 377 case "unspamblog": 354 378 check_admin_referer('unspamblog'); 379 if ( ! current_user_can( 'manage_sites' ) ) 380 wp_die( __('You do not have permission to access this page.') ); 381 355 382 update_blog_status( $id, "spam", '0' ); 356 383 wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'unspam'), $_POST['ref'] ) ); … … 360 387 case "spamblog": 361 388 check_admin_referer('spamblog'); 389 if ( ! current_user_can( 'manage_sites' ) ) 390 wp_die( __('You do not have permission to access this page.') ); 391 362 392 update_blog_status( $id, "spam", '1' ); 363 393 wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'spam'), $_POST['ref'] ) ); … … 382 412 // Themes 383 413 case "updatethemes": 414 if ( ! current_user_can( 'manage_network_themes' ) ) 415 wp_die( __('You do not have permission to access this page.') ); 416 384 417 if ( is_array( $_POST['theme'] ) ) { 385 418 $themes = get_themes(); … … 439 472 case "allusers": 440 473 check_admin_referer('allusers'); 474 if ( ! current_user_can( 'manage_network_users' ) ) 475 wp_die( __('You do not have permission to access this page.') ); 476 441 477 if ( isset($_POST['alluser_delete']) ) { 442 478 require_once('admin-header.php'); … … 488 524 case "adduser": 489 525 check_admin_referer('add-user'); 526 if ( ! current_user_can( 'manage_network_users' ) ) 527 wp_die( __('You do not have permission to access this page.') ); 490 528 491 529 if ( is_array( $_POST[ 'user' ] ) == false )
Note: See TracChangeset
for help on using the changeset viewer.