WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
07/23/2015 04:26:36 AM (10 years ago)
Author:
pento
Message:

Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so.

Partial merge of [33357] to the 3.7 branch.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • branches/3.7/src/wp-admin/includes/dashboard.php

    r32206 r33379  
    487487        printf('<p class="easy-blogging">' . __('You can also try %s, easy blogging from anywhere on the Web.') . '</p>', '<a href="' . esc_url( admin_url( 'tools.php' ) ) . '">' . __('Press This') . '</a>' );
    488488        $_REQUEST = array(); // hack for get_default_post_to_edit()
     489    }
     490
     491    if ( ! current_user_can( 'edit_posts' ) ) {
     492        return;
    489493    }
    490494
Note: See TracChangeset for help on using the changeset viewer.