Changeset 2714

Timestamp:

07/15/2005 02:16:45 AM (20 years ago)

Author:

ryan

Message:

More cap migration.

Location:

trunk

Files:

• wp-admin/admin-functions.php (modified) (3 diffs)
• wp-admin/categories.php (modified) (5 diffs)
• wp-admin/edit-form-advanced.php (modified) (1 diff)
• wp-admin/edit-form-comment.php (modified) (1 diff)
• wp-admin/edit.php (modified) (1 diff)
• wp-admin/link-categories.php (modified) (4 diffs)
• wp-admin/link-import.php (modified) (2 diffs)
• wp-admin/link-manager.php (modified) (12 diffs)
• wp-admin/options.php (modified) (2 diffs)
• wp-admin/page-new.php (modified) (2 diffs)
• wp-admin/plugin-editor.php (modified) (2 diffs)
• wp-admin/theme-editor.php (modified) (2 diffs)
• wp-includes/capabilities.php (modified) (1 diff)

trunk/wp-admin/admin-functions.php

@@ -445 +445 @@
 // Dandy new recursive multiple category stuff.
 function cat_rows($parent = 0, $level = 0, $categories = 0) {
-    global $wpdb, $class, $current_user;
-
-    $user_level = $current_user->user_level;
+    global $wpdb, $class;
 
     if ( !$categories )
@@ -458 +456 @@
                 $count = $wpdb->get_var("SELECT COUNT(post_id) FROM $wpdb->post2cat WHERE category_id = $category->cat_ID");
                 $pad = str_repeat('— ', $level);
-                if ( $user_level > 3 )
+                if ( current_user_can('manage_categories') )
                     $edit = "<a href='categories.php?action=edit&amp;cat_ID=$category->cat_ID' class='edit'>" . __('Edit') . "</a></td><td><a href='categories.php?action=delete&amp;cat_ID=$category->cat_ID' onclick=\"return confirm('".  sprintf(__("You are about to delete the category \'%s\'.  All of its posts will go to the default category.\\n  \'OK\' to delete, \'Cancel\' to stop."), $wpdb->escape($category->cat_name)) . "')\" class='delete'>" .  __('Delete') . "</a>";
                 else
@@ -478 +476 @@
 
 function page_rows( $parent = 0, $level = 0, $pages = 0 ) {
-    global $wpdb, $class, $user_level, $post;
+    global $wpdb, $class, $post;
     if (!$pages)
         $pages = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static' ORDER BY menu_order");

trunk/wp-admin/categories.php

@@ -25 +25 @@
 case 'addcat':
 
-    if ($user_level < 3)
+    if ( !current_user_can('manage_categories') )
         die (__('Cheatin&#8217; uh?'));
     
@@ -37 +37 @@
     check_admin_referer();
 
-    if ( $user_level < 3 )
+    if ( !current_user_can('manage_categories') )
         die (__('Cheatin&#8217; uh?'));
 
@@ -94 +94 @@
 
 case 'editedcat':
-    if ($user_level < 3)
+    if ( !current_user_can('manage_categories') )
         die (__('Cheatin&#8217; uh?'));
     
@@ -116 +116 @@
 
 <div class="wrap">
-<?php if ( $user_level > 3 ) : ?>
+<?php if ( current_user_can('manage_categories') ) : ?>
     <h2><?php printf(__('Categories (<a href="%s">add new</a>)'), '#addcat') ?> </h2>
 <?php else : ?>
@@ -136 +136 @@
 </div>
 
-<?php if ( $user_level > 3 ) : ?>
+<?php if ( current_user_can('manage_categories') ) : ?>
 <div class="wrap">
     <p><?php printf(__('<strong>Note:</strong><br />Deleting a category does not delete posts from that category, it will just set them back to the default category <strong>%s</strong>.'), get_catname(1)) ?>

trunk/wp-admin/edit-form-advanced.php

@@ -98 +98 @@
 </fieldset>
 
-<?php if ($user_level > 4) : ?>
+<?php if ( current_user_can('edit_posts') ) : ?>
 <fieldset class="dbx-box">
 <h3 class="dbx-handle"><?php _e('Post Timestamp'); ?>:</h3>

trunk/wp-admin/edit-form-comment.php

@@ -72 +72 @@
     </tr>
 
-<?php if ($user_level > 4) : ?>
+<?php if ( current_user_can('edit_posts') ) : ?>
     <tr>
         <th scope="row"><?php _e('Edit time'); ?>:</th>

trunk/wp-admin/edit.php

@@ -253 +253 @@
   <?php comment_time('g:m:s a') ?> 
   <?php 
-            if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
+            if ( current_user_can('edit_post', $post->ID) ) {
                 echo "[ <a href=\"post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">" .  __('Edit') . "</a>";
                 echo " - <a href=\"post.php?action=deletecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n  \'OK\' to delete, \'Cancel\' to stop."), $comment->comment_author) . "')\">" . __('Delete') . "</a> ";

trunk/wp-admin/link-categories.php

@@ -26 +26 @@
   case 'addcat':
   {
-      if ($user_level < 5)
+      if ( !current_user_can('manage_links') )
           die (__("Cheatin' uh ?"));
 
@@ -86 +86 @@
         die(sprintf(__("Can't delete the <strong>%s</strong> link category: this is the default one"), $cat_name));
 
-    if ($user_level < 5)
+    if ( !current_user_can('manage_links') )
       die (__("Cheatin' uh ?"));
 
@@ -199 +199 @@
   case "editedcat":
   {
-    if ($user_level < 5)
+    if ( !current_user_can('manage_links') )
       die (__("Cheatin' uh ?"));
 
@@ -271 +271 @@
   {
     include_once ("admin-header.php");
-    if ($user_level < 5) {
+    if ( !current_user_can('manage_links') )
       die(__("You have do not have sufficient permissions to edit the link categories for this blog. :)"));
-    }
 ?>
 

trunk/wp-admin/link-import.php

@@ -16 +16 @@
     {
         include_once('admin-header.php');
-        if ($user_level < 5)
+        if ( !current_user_can('manage_links') )
             die (__("Cheatin&#8217; uh?"));
 
@@ -66 +66 @@
     case 1: {
                 include_once('admin-header.php');
-                if ($user_level < 5)
+                if ( !current_user_can('manage_links') )
                     die (__("Cheatin' uh ?"));
 ?>

trunk/wp-admin/link-manager.php

@@ -75 +75 @@
 
     // check the current user's level first.
-    if ($user_level < 5)
+    if ( !current_user_can('manage_links') )
       die (__("Cheatin' uh ?"));
 
@@ -86 +86 @@
     }
     $all_links = join(',', $linkcheck);
-    $results = $wpdb->get_results("SELECT link_id, link_owner, user_level FROM $wpdb->links LEFT JOIN $wpdb->users ON link_owner = ID WHERE link_id in ($all_links)");
+    $results = $wpdb->get_results("SELECT link_id, link_owner FROM $wpdb->links LEFT JOIN $wpdb->users ON link_owner = ID WHERE link_id in ($all_links)");
     foreach ($results as $row) {
-      if (($user_level >= $row->user_level)) { // ok to proceed
-        $ids_to_change[] = $row->link_id;
-      }
+       $ids_to_change[] = $row->link_id;
     }
 
@@ -105 +103 @@
 
     // check the current user's level first.
-    if ($user_level < 5)
+    if ( !current_user_can('manage_links') )
       die (__("Cheatin' uh ?"));
 
@@ -142 +140 @@
 
     // check the current user's level first.
-    if ($user_level < 5)
+    if ( !current_user_can('manage_links') )
       die (__("Cheatin' uh ?"));
 
@@ -176 +174 @@
     $auto_toggle = get_autotoggle($link_category);
 
-    if ($user_level < 5)
+    if ( !current_user_can('manage_links') )
       die (__("Cheatin' uh ?"));
 
@@ -224 +222 @@
       $auto_toggle = get_autotoggle($link_category);
 
-      if ($user_level < 5)
+      if ( !current_user_can('manage_links') )
         die (__("Cheatin' uh ?"));
 
@@ -254 +252 @@
     $link_id = (int) $_GET['link_id'];
 
-    if ($user_level < 5)
+    if ( !current_user_can('manage_links') )
       die (__("Cheatin' uh ?"));
 
@@ -275 +273 @@
     $xfn = true;
     include_once ('admin-header.php');
-    if ($user_level < 5)
+    if ( !current_user_can('manage_links') )
       die(__('You do not have sufficient permissions to edit the links for this blog.'));
 
@@ -541 +539 @@
     setcookie('links_show_order_' . COOKIEHASH, $links_show_order, time()+600);
     include_once ("./admin-header.php");
-    if ($user_level < 5) {
+    if ( !current_user_can('manage_links') )
       die(__("You do not have sufficient permissions to edit the links for this blog."));
-    }
 
     switch ($order_by)
@@ -647 +644 @@
     $sql = "SELECT link_url, link_name, link_image, link_description, link_visible,
             link_category AS cat_id, cat_name AS category, $wpdb->users.user_login, link_id,
-            link_rating, link_rel, $wpdb->users.user_level
+            link_rating, link_rel
             FROM $wpdb->links
             LEFT JOIN $wpdb->linkcategories ON $wpdb->links.link_category = $wpdb->linkcategories.cat_id
@@ -690 +687 @@
             $show_buttons = 1; // default
 
-            if ($link->user_level > $user_level) {
-              $show_buttons = 0;
-            }
-
             if ($show_buttons) {
         echo '<td><a href="link-manager.php?link_id=' . $link->link_id . '&amp;action=linkedit" class="edit">' . __('Edit') . '</a></td>';
@@ -717 +710 @@
           <?php _e('Assign ownership to:'); ?>
 <?php
-    $results = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users WHERE user_level > 0 ORDER BY ID");
+    $results = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users ORDER BY ID");
     echo "          <select name=\"newowner\" size=\"1\">\n";
     foreach ($results as $row) {

trunk/wp-admin/options.php

@@ -22 +22 @@
 }
 
-if ($user_level < 6)
+if ( !current_user_can('manage_options') )
     die ( __('Cheatin&#8217; uh?') );
 
@@ -51 +51 @@
         $options = apply_filters( 'options_to_update' , $options );
         foreach ($options as $option) {
-            // should we even bother checking?
-            if ($user_level >= $option->option_admin_level) {
-                $old_val = $option->option_value;
-                $new_val = trim($_POST[$option->option_name]);
-                if( in_array($option->option_name, $nonbools) && ( $new_val == '0' || $new_val == '') )
-                    $new_val = 'closed';
-                if ($new_val !== $old_val) {
-                    $result = $wpdb->query("UPDATE $wpdb->options SET option_value = '$new_val' WHERE option_name = '$option->option_name'");
-                    $any_changed++;
-                }
-            }
+            $old_val = $option->option_value;
+            $new_val = trim($_POST[$option->option_name]);
+            if( in_array($option->option_name, $nonbools) && ( $new_val == '0' || $new_val == '') )
+                $new_val = 'closed';
+            if ($new_val !== $old_val) {
+                $result = $wpdb->query("UPDATE $wpdb->options SET option_value = '$new_val' WHERE option_name = '$option->option_name'");
+                $any_changed++;
+            }
         }
         unset($cache_settings); // so they will be re-read

trunk/wp-admin/page-new.php

@@ -4 +4 @@
 $parent_file = 'post.php';
 require_once('admin-header.php');
-
-get_currentuserinfo();
 ?>
 
@@ -13 +11 @@
 
 <?php
-if ($user_level > 0) {
+if ( current_user_can('edit_pages') ) {
     $action = 'post';
     get_currentuserinfo();

trunk/wp-admin/plugin-editor.php

@@ -35 +35 @@
 case 'update':
 
-    if ($user_level < 5) {
+    if ( !current_user_can('edit_plugins') )
         die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
-    }
 
     $newcontent = stripslashes($_POST['newcontent']);
@@ -56 +55 @@
     
     require_once('admin-header.php');
-    if ($user_level <= 5) {
+    if ( !current_user_can('edit_plugins') )
         die(__('<p>You have do not have sufficient permissions to edit plugins for this blog.</p>'));
-    }
 
     update_recently_edited("wp-content/plugins/$file");

trunk/wp-admin/theme-editor.php

@@ -46 +46 @@
 case 'update':
 
-    if ($user_level < 5) {
+    if ( !current_user_can('edit_themes') )
         die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
-    }
 
     $newcontent = stripslashes($_POST['newcontent']);
@@ -68 +67 @@
     
     require_once('admin-header.php');
-    if ($user_level <= 5) {
+    if ( !current_user_can('edit_themes') )
         die(__('<p>You have do not have sufficient permissions to edit themes for this blog.</p>'));
-    }
 
     update_recently_edited($file);

trunk/wp-includes/capabilities.php

@@ -124 +124 @@
         $this->cap_key = $table_prefix . 'capabilities';
         $this->caps = &$this->data->{$this->cap_key};
+        if ( ! is_array($this->caps) )
+            $this->caps = array();
         $this->get_role_caps();
     }