WordPress.org

Make WordPress Core

Changeset 7829


Ignore:
Timestamp:
04/25/08 15:23:11 (7 years ago)
Author:
ryan
Message:

Move cap check up. Props mdawaffe. fixes #6838 for trunk

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/media.php

    r7827 r7829  
    1010switch( $action ) : 
    1111case 'editattachment' : 
     12    $attachment_id = (int) $_POST['attachment_id']; 
     13    check_admin_referer('media-form'); 
     14 
     15    if ( !current_user_can('edit_post', $attachment_id) ) 
     16        wp_die ( __('You are not allowed to edit this attachment.') ); 
     17 
    1218    $errors = media_upload_form_handler(); 
    13     $attachment_id = (int) $_POST['attachment_id']; 
     19 
    1420 
    1521    check_admin_referer('media-form'); 
Note: See TracChangeset for help on using the changeset viewer.