Changeset 17332

Timestamp:

01/20/11 03:04:20 (7 years ago)

Author:

nacin

Message:

Correct user admin redirection checks, and deny access to the user admin when not running multisite. fixes #16297.

Location:

trunk

Files:

• wp-admin/user/admin.php (modified) (1 diff)
• wp-login.php (modified) (1 diff)

trunk/wp-admin/user/admin.php

@@ -12 +12 @@
 require_once( dirname(dirname(__FILE__)) . '/admin.php');
 
+if ( ! is_multisite() ) {
+    wp_redirect( admin_url() );
+    exit;
+}
+
 if ( ! is_main_site() ) {
     wp_redirect( user_admin_url() );

trunk/wp-login.php

@@ -587 +587 @@
         if ( is_multisite() && !get_active_blog_for_user($user->id) )
             $redirect_to = user_admin_url();
-        elseif ( !is_multisite() && !$user->has_cap('read') )
+        elseif ( is_multisite() && !$user->has_cap('read') )
             $redirect_to = user_admin_url();
         elseif ( !$user->has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url() ) )