WordPress.org

Make WordPress Core

Changeset 7829


Ignore:
Timestamp:
04/25/2008 03:23:11 PM (10 years ago)
Author:
ryan
Message:

Move cap check up. Props mdawaffe. fixes #6838 for trunk

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/media.php

    r7827 r7829  
    1010switch( $action ) :
    1111case 'editattachment' :
     12    $attachment_id = (int) $_POST['attachment_id'];
     13    check_admin_referer('media-form');
     14
     15    if ( !current_user_can('edit_post', $attachment_id) )
     16        wp_die ( __('You are not allowed to edit this attachment.') );
     17
    1218    $errors = media_upload_form_handler();
    13     $attachment_id = (int) $_POST['attachment_id'];
     19
    1420
    1521    check_admin_referer('media-form');
Note: See TracChangeset for help on using the changeset viewer.