Make WordPress Core

Changeset 6508


Ignore:
Timestamp:
12/28/2007 12:47:45 AM (17 years ago)
Author:
ryan
Message:

Some cap checks for app from josephscott.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/2.3/wp-app.php

    r6506 r6508  
    160160    function get_service() {
    161161        log_app('function','get_service()');
     162
     163        if( !current_user_can( 'edit_posts' ) )
     164            $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
     165
    162166        $entries_url = attribute_escape($this->get_entries_url());
    163167        $categories_url = attribute_escape($this->get_categories_url());
     
    189193
    190194    function get_categories_xml() {
    191 
    192195        log_app('function','get_categories_xml()');
     196
     197        if( !current_user_can( 'edit_posts' ) )
     198            $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
     199
    193200        $home = attribute_escape(get_bloginfo_rss('home'));
    194201
     
    283290
    284291    function get_post($postID) {
    285 
    286292        global $entry;
     293
     294        if( !current_user_can( 'edit_post', $postID ) )
     295            $this->auth_required( __( 'Sorry, you do not have the right to access this post.' ) );
     296
    287297        $this->set_current_entry($postID);
    288298        $output = $this->get_entry($postID);
     
    373383
    374384    function get_attachment($postID = NULL) {
    375 
    376         global $entry;
     385        if( !current_user_can( 'upload_files' ) )
     386            $this->auth_required( __( 'Sorry, you do not have the right to file uploads on this blog.' ) );
     387
    377388        if (!isset($postID)) {
    378389            $this->get_attachments();
Note: See TracChangeset for help on using the changeset viewer.