Make WordPress Core

Changeset 17332


Ignore:
Timestamp:
01/20/2011 03:04:20 AM (14 years ago)
Author:
nacin
Message:

Correct user admin redirection checks, and deny access to the user admin when not running multisite. fixes #16297.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/user/admin.php

    r16847 r17332  
    1212require_once( dirname(dirname(__FILE__)) . '/admin.php');
    1313
     14if ( ! is_multisite() ) {
     15    wp_redirect( admin_url() );
     16    exit;
     17}
     18
    1419if ( ! is_main_site() ) {
    1520    wp_redirect( user_admin_url() );
  • trunk/wp-login.php

    r17102 r17332  
    587587        if ( is_multisite() && !get_active_blog_for_user($user->id) )
    588588            $redirect_to = user_admin_url();
    589         elseif ( !is_multisite() && !$user->has_cap('read') )
     589        elseif ( is_multisite() && !$user->has_cap('read') )
    590590            $redirect_to = user_admin_url();
    591591        elseif ( !$user->has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url() ) )
Note: See TracChangeset for help on using the changeset viewer.