WordPress.org

Make WordPress Core

Changeset 31116


Ignore:
Timestamp:
01/09/2015 09:06:13 PM (6 years ago)
Author:
wonderboymusic
Message:

In Custom_Background and Custom_Header:

  • In ->init(), don't check current_user_can() since add_theme_page() will return false immediately if the cap check fails.
  • Bail if add_theme_page() returns false
  • wp_check_filetype_and_ext() doesn't need a 3rd param, it already defaults to null. Passing false would fail a strict check.

See #30799.

Location:
trunk/src/wp-admin
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/custom-background.php

    r30885 r31116  
    126126     */
    127127    public function init() {
    128         if ( ! current_user_can('edit_theme_options') )
     128        $page = add_theme_page( __( 'Background' ), __( 'Background' ), 'edit_theme_options', 'custom-background', array( $this, 'admin_page' ) );
     129        if ( ! $page ) {
    129130            return;
    130 
    131         $this->page = $page = add_theme_page(__('Background'), __('Background'), 'edit_theme_options', 'custom-background', array($this, 'admin_page'));
    132 
    133         add_action("load-$page", array($this, 'admin_load'));
    134         add_action("load-$page", array($this, 'take_action'), 49);
    135         add_action("load-$page", array($this, 'handle_upload'), 49);
    136 
    137         if ( $this->admin_header_callback )
    138             add_action("admin_head-$page", $this->admin_header_callback, 51);
     131        }
     132
     133        $this->page = $page;
     134
     135        add_action( "load-$page", array( $this, 'admin_load' ) );
     136        add_action( "load-$page", array( $this, 'take_action' ), 49 );
     137        add_action( "load-$page", array( $this, 'handle_upload' ), 49 );
     138
     139        if ( $this->admin_header_callback ) {
     140            add_action( "admin_head-$page", $this->admin_header_callback, 51 );
     141        }
    139142    }
    140143
     
    428431
    429432        $uploaded_file = $_FILES['import'];
    430         $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'], false );
     433        $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] );
    431434        if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) )
    432435            wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) );
  • trunk/src/wp-admin/custom-header.php

    r31034 r31116  
    144144     */
    145145    public function init() {
    146         if ( ! current_user_can('edit_theme_options') )
     146        $page = add_theme_page( __( 'Header' ), __( 'Header' ), 'edit_theme_options', 'custom-header', array( $this, 'admin_page' ) );
     147        if ( ! $page ) {
    147148            return;
    148 
    149         $this->page = $page = add_theme_page(__('Header'), __('Header'), 'edit_theme_options', 'custom-header', array($this, 'admin_page'));
    150 
    151         add_action("admin_print_scripts-$page", array($this, 'js_includes'));
    152         add_action("admin_print_styles-$page", array($this, 'css_includes'));
    153         add_action("admin_head-$page", array($this, 'help') );
    154         add_action("admin_head-$page", array($this, 'take_action'), 50);
    155         add_action("admin_head-$page", array($this, 'js'), 50);
    156         if ( $this->admin_header_callback )
    157             add_action("admin_head-$page", $this->admin_header_callback, 51);
    158 
     149        }
     150
     151        $this->page = $page;
     152
     153        add_action( "admin_print_scripts-$page", array( $this, 'js_includes' ) );
     154        add_action( "admin_print_styles-$page", array( $this, 'css_includes' ) );
     155        add_action( "admin_head-$page", array( $this, 'help' ) );
     156        add_action( "admin_head-$page", array( $this, 'take_action' ), 50 );
     157        add_action( "admin_head-$page", array( $this, 'js' ), 50 );
     158        if ( $this->admin_header_callback ) {
     159            add_action( "admin_head-$page", $this->admin_header_callback, 51 );
     160        }
    159161    }
    160162
     
    863865
    864866        $uploaded_file = $_FILES['import'];
    865         $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'], false );
     867        $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] );
    866868        if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) )
    867869            wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) );
Note: See TracChangeset for help on using the changeset viewer.