WordPress.org

Make WordPress Core


Ignore:
Timestamp:
03/21/2010 02:29:11 AM (12 years ago)
Author:
dd32
Message:

Use correct cap checks and nonces for custom post_type's

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/meta-boxes.php

    r13778 r13786  
    1515    $post_type = $post->post_type;
    1616    $post_type_object = get_post_type_object($post_type);
    17     $type_cap = $post_type_object->capability_type;
    18     $can_publish = current_user_can("publish_${type_cap}s");
     17    $can_publish = current_user_can($post_type_object->publish_cap);
    1918?>
    2019<div class="submitbox" id="submitpost">
     
    195194<div id="delete-action">
    196195<?php
    197 if ( current_user_can( "delete_${type_cap}", $post->ID ) ) {
     196if ( current_user_can( "delete_post", $post->ID ) ) {
    198197    if ( !EMPTY_TRASH_DAYS ) {
    199198        $delete_url = wp_nonce_url( add_query_arg( array('action' => 'delete', 'post' => $post->ID) ), "delete-${post_type}_{$post->ID}" );
     
    408407
    409408/**
    410  * Displa comments for post table header
     409 * Display comments for post table header
    411410 *
    412411 * @since 3.0
Note: See TracChangeset for help on using the changeset viewer.