Changeset 38698 for trunk/src/wp-admin/includes/ajax-actions.php
- Timestamp:
- 09/30/2016 10:39:32 PM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/includes/ajax-actions.php
r38666 r38698 595 595 check_ajax_referer( "delete-tag_$tag_id" ); 596 596 597 if ( ! current_user_can( 'delete_term', $tag_id ) ) { 598 wp_die( -1 ); 599 } 600 597 601 $taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : 'post_tag'; 598 $tax = get_taxonomy($taxonomy);599 600 if ( !current_user_can( $tax->cap->delete_terms ) )601 wp_die( -1 );602 603 602 $tag = get_term( $tag_id, $taxonomy ); 604 603 if ( !$tag || is_wp_error( $tag ) ) … … 797 796 $action = 'add-link-category'; 798 797 check_ajax_referer( $action ); 799 if ( !current_user_can( 'manage_categories' ) ) 800 wp_die( -1 ); 798 $tax = get_taxonomy( 'link_category' ); 799 if ( ! current_user_can( $tax->cap->manage_terms ) ) { 800 wp_die( -1 ); 801 } 801 802 $names = explode(',', wp_unslash( $_POST['newcat'] ) ); 802 803 $x = new WP_Ajax_Response(); … … 1704 1705 wp_die( 0 ); 1705 1706 1706 if ( ! current_user_can( $tax->cap->edit_terms ) ) 1707 wp_die( -1 ); 1707 if ( ! isset( $_POST['tax_ID'] ) || ! ( $id = (int) $_POST['tax_ID'] ) ) { 1708 wp_die( -1 ); 1709 } 1710 1711 if ( ! current_user_can( 'edit_term', $id ) ) { 1712 wp_die( -1 ); 1713 } 1708 1714 1709 1715 $wp_list_table = _get_list_table( 'WP_Terms_List_Table', array( 'screen' => 'edit-' . $taxonomy ) ); 1710 1711 if ( ! isset($_POST['tax_ID']) || ! ( $id = (int) $_POST['tax_ID'] ) )1712 wp_die( -1 );1713 1716 1714 1717 $tag = get_term( $id, $taxonomy );
Note: See TracChangeset
for help on using the changeset viewer.