' . __( 'The current theme does not support uploading a custom header image.' ) . '
', + 403 ); + } if ( empty( $_POST ) && isset( $_GET['file'] ) ) { $attachment_id = absint( $_GET['file'] ); @@ -832,11 +836,19 @@ public function step_3() { check_admin_referer( 'custom-header-crop-image' ); - if ( ! current_theme_supports( 'custom-header', 'uploads' ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( ! current_theme_supports( 'custom-header', 'uploads' ) ) { + wp_die( + '' . __( 'The current theme does not support uploading a custom header image.' ) . '
', + 403 ); + } - if ( ! empty( $_POST['skip-cropping'] ) && ! ( current_theme_supports( 'custom-header', 'flex-height' ) || current_theme_supports( 'custom-header', 'flex-width' ) ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( ! empty( $_POST['skip-cropping'] ) && ! ( current_theme_supports( 'custom-header', 'flex-height' ) || current_theme_supports( 'custom-header', 'flex-width' ) ) ) { + wp_die( + '' . __( 'The current theme does not support a flexible sized header image.' ) . '
', + 403 ); + } if ( $_POST['oitar'] > 1 ) { $_POST['x1'] = $_POST['x1'] * $_POST['oitar']; Index: src/wp-admin/customize.php =================================================================== --- src/wp-admin/customize.php (revision 31408) +++ src/wp-admin/customize.php (working copy) @@ -13,7 +13,10 @@ require_once( dirname( __FILE__ ) . '/admin.php' ); if ( ! current_user_can( 'customize' ) ) { - wp_die( __( 'Cheatin’ uh?' ), 403 ); + wp_die( + '' . __( 'You are not allowed to customize the site's appearance.' ) . '
', + 403 ); } wp_reset_vars( array( 'url', 'return' ) ); Index: src/wp-admin/edit-comments.php =================================================================== --- src/wp-admin/edit-comments.php (revision 31408) +++ src/wp-admin/edit-comments.php (working copy) @@ -8,8 +8,12 @@ /** WordPress Administration Bootstrap */ require_once( dirname( __FILE__ ) . '/admin.php' ); -if ( !current_user_can('edit_posts') ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( !current_user_can('edit_posts') ) { + wp_die( + '' . __( 'You are not allowed to edit posts.' ) . '
', + 403 ); +} $wp_list_table = _get_list_table('WP_Comments_List_Table'); $pagenum = $wp_list_table->get_pagenum(); Index: src/wp-admin/edit-tags.php =================================================================== --- src/wp-admin/edit-tags.php (revision 31408) +++ src/wp-admin/edit-tags.php (working copy) @@ -17,9 +17,14 @@ if ( ! $tax ) wp_die( __( 'Invalid taxonomy' ) ); -if ( ! current_user_can( $tax->cap->manage_terms ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( ! current_user_can( $tax->cap->manage_terms ) ) { + wp_die( + '' . __( 'You are not allowed to manage these items.' ) . '
', + 403 ); +} + // $post_type is set when the WP_Terms_List_Table instance is created global $post_type; @@ -49,8 +54,12 @@ check_admin_referer( 'add-tag', '_wpnonce_add-tag' ); - if ( !current_user_can( $tax->cap->edit_terms ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( ! current_user_can( $tax->cap->edit_terms ) ) { + wp_die( + '' . __( 'You are not allowed to edit create this item.' ) . '
', + 403 ); + } $ret = wp_insert_term( $_POST['tag-name'], $taxonomy, $_POST ); $location = 'edit-tags.php?taxonomy=' . $taxonomy; @@ -85,8 +94,12 @@ $tag_ID = (int) $_REQUEST['tag_ID']; check_admin_referer( 'delete-tag_' . $tag_ID ); - if ( !current_user_can( $tax->cap->delete_terms ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( !current_user_can( $tax->cap->delete_terms ) ) { + wp_die( + '' . __( 'You are not allowed to delete this item.' ) . '
', + 403 ); + } wp_delete_term( $tag_ID, $taxonomy ); @@ -97,8 +110,12 @@ case 'bulk-delete': check_admin_referer( 'bulk-tags' ); - if ( !current_user_can( $tax->cap->delete_terms ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( !current_user_can( $tax->cap->delete_terms ) ) { + wp_die( + '' . __( 'You are not allowed to delete these items.' ) . '
', + 403 ); + } $tags = (array) $_REQUEST['delete_tags']; foreach ( $tags as $tag_ID ) { @@ -135,8 +152,12 @@ $tag_ID = (int) $_POST['tag_ID']; check_admin_referer( 'update-tag_' . $tag_ID ); - if ( !current_user_can( $tax->cap->edit_terms ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( !current_user_can( $tax->cap->edit_terms ) ) { + wp_die( + '' . __( 'You are not allowed to edit this item.' ) . '
', + 403 ); + } $tag = get_term( $tag_ID, $taxonomy ); if ( ! $tag ) @@ -248,8 +269,12 @@ require_once( ABSPATH . 'wp-admin/admin-header.php' ); -if ( !current_user_can($tax->cap->edit_terms) ) - wp_die( __('You are not allowed to edit this item.') ); +if ( !current_user_can($tax->cap->edit_terms) ) { + wp_die( + '' . __( 'You are not allowed to edit these items.' ) . '
', + 403 ); +} $messages = array(); $messages['_item'] = array( Index: src/wp-admin/edit.php =================================================================== --- src/wp-admin/edit.php (revision 31408) +++ src/wp-admin/edit.php (working copy) @@ -26,8 +26,12 @@ if ( ! $post_type_object ) wp_die( __( 'Invalid post type' ) ); -if ( ! current_user_can( $post_type_object->cap->edit_posts ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( ! current_user_can( $post_type_object->cap->edit_posts ) ) { + wp_die( + '' . __( 'You are not allowed to edit these items.' ) . '
', + 403 ); +} $wp_list_table = _get_list_table('WP_Posts_List_Table'); $pagenum = $wp_list_table->get_pagenum(); Index: src/wp-admin/includes/bookmark.php =================================================================== --- src/wp-admin/includes/bookmark.php (revision 31408) +++ src/wp-admin/includes/bookmark.php (working copy) @@ -26,8 +26,12 @@ * @return int|WP_Error Value 0 or WP_Error on failure. The link ID on success. */ function edit_link( $link_id = 0 ) { - if ( !current_user_can( 'manage_links' ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( !current_user_can( 'manage_links' ) ) { + wp_die( + '' . __( 'You are not allowed to edit links.' ) . '
', + 403 ); + } $_POST['link_url'] = esc_html( $_POST['link_url'] ); $_POST['link_url'] = esc_url($_POST['link_url']); Index: src/wp-admin/media-upload.php =================================================================== --- src/wp-admin/media-upload.php (revision 31408) +++ src/wp-admin/media-upload.php (working copy) @@ -36,7 +36,10 @@ } if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post' , $_REQUEST['post_id'] ) ) { - wp_die( __( 'Cheatin’ uh?' ), 403 ); + wp_die( + '' . __( 'You are not allowed to edit this post.' ) . '
', + 403 ); } // Upload type: image, video, file, ..? Index: src/wp-admin/nav-menus.php =================================================================== --- src/wp-admin/nav-menus.php (revision 31408) +++ src/wp-admin/nav-menus.php (working copy) @@ -19,8 +19,12 @@ wp_die( __( 'Your theme does not support navigation menus or widgets.' ) ); // Permissions Check -if ( ! current_user_can('edit_theme_options') ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( ! current_user_can('edit_theme_options') ) { + wp_die( + '' . __( 'You are not allowed to manage theme options.' ) . '
', + 403 ); +} wp_enqueue_script( 'nav-menu' ); Index: src/wp-admin/network/site-users.php =================================================================== --- src/wp-admin/network/site-users.php (revision 31408) +++ src/wp-admin/network/site-users.php (working copy) @@ -132,8 +132,12 @@ $user_id = (int) $user_id; // If the user doesn't already belong to the blog, bail. - if ( !is_user_member_of_blog( $user_id ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( !is_user_member_of_blog( $user_id ) ) { + wp_die( + '' . __( 'One of the selected users is not a member of this site.' ) . '
', + 403 ); + } $user = get_userdata( $user_id ); $user->set_role( $_REQUEST['new_role'] ); Index: src/wp-admin/options.php =================================================================== --- src/wp-admin/options.php (revision 31408) +++ src/wp-admin/options.php (working copy) @@ -44,8 +44,12 @@ $capability = apply_filters( "option_page_capability_{$option_page}", $capability ); } -if ( !current_user_can( $capability ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( !current_user_can( $capability ) ) { + wp_die( + '' . __( 'You are not allowed to manage these options.' ) . '
', + 403 ); +} // Handle admin email change requests if ( is_multisite() ) { @@ -68,8 +72,12 @@ } } -if ( is_multisite() && !is_super_admin() && 'update' != $action ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( is_multisite() && !is_super_admin() && 'update' != $action ) { + wp_die( + '' . __( 'You are not allowed to edit options.' ) . '
', + 403 ); +} $whitelist_options = array( 'general' => array( 'blogname', 'blogdescription', 'gmt_offset', 'date_format', 'time_format', 'start_of_week', 'timezone_string', 'WPLANG' ), Index: src/wp-admin/post-new.php =================================================================== --- src/wp-admin/post-new.php (revision 31408) +++ src/wp-admin/post-new.php (working copy) @@ -49,8 +49,12 @@ $editing = true; -if ( ! current_user_can( $post_type_object->cap->edit_posts ) || ! current_user_can( $post_type_object->cap->create_posts ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( ! current_user_can( $post_type_object->cap->edit_posts ) || ! current_user_can( $post_type_object->cap->create_posts ) ) { + wp_die( + '' . __( 'You are not allowed to create these items.' ) . '
', + 403 ); +} // Schedule auto-draft cleanup if ( ! wp_next_scheduled( 'wp_scheduled_auto_draft_delete' ) ) Index: src/wp-admin/press-this.php =================================================================== --- src/wp-admin/press-this.php (revision 31408) +++ src/wp-admin/press-this.php (working copy) @@ -13,8 +13,12 @@ header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset')); -if ( ! current_user_can( 'edit_posts' ) || ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( ! current_user_can( 'edit_posts' ) || ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) { + wp_die( + '' . __( 'You are not allowed to create posts.' ) . '
', + 403 ); +} /** * Press It form handler. Index: src/wp-admin/themes.php =================================================================== --- src/wp-admin/themes.php (revision 31408) +++ src/wp-admin/themes.php (working copy) @@ -9,15 +9,29 @@ /** WordPress Administration Bootstrap */ require_once( dirname( __FILE__ ) . '/admin.php' ); -if ( !current_user_can('switch_themes') && !current_user_can('edit_theme_options') ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( !current_user_can('switch_themes') && !current_user_can('edit_theme_options') ) { + wp_die( + '' . __( 'You are not allowed to manage themes.' ) . '
', + 403 ); +} if ( current_user_can( 'switch_themes' ) && isset($_GET['action'] ) ) { if ( 'activate' == $_GET['action'] ) { check_admin_referer('switch-theme_' . $_GET['stylesheet']); $theme = wp_get_theme( $_GET['stylesheet'] ); - if ( ! $theme->exists() || ! $theme->is_allowed() ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( ! $theme->exists() ) { + wp_die( + '' . __( 'This theme does not exist.' ) . '
', + 403 ); + } + if ( ! $theme->is_allowed() ) { + wp_die( + '' . __( 'This theme is not allowed to be activated on this site.' ) . '
', + 403 ); + } switch_theme( $theme->get_stylesheet() ); wp_redirect( admin_url('themes.php?activated=true') ); exit; @@ -24,8 +38,18 @@ } elseif ( 'delete' == $_GET['action'] ) { check_admin_referer('delete-theme_' . $_GET['stylesheet']); $theme = wp_get_theme( $_GET['stylesheet'] ); - if ( !current_user_can('delete_themes') || ! $theme->exists() ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( !current_user_can('delete_themes') ) { + wp_die( + '' . __( 'You are not allowed to delete themes.' ) . '
', + 403 ); + } + if ( ! $theme->exists() ) { + wp_die( + '' . __( 'This theme does not exist.' ) . '
', + 403 ); + } $active = wp_get_theme(); if ( $active->get( 'Template' ) == $_GET['stylesheet'] ) { wp_redirect( admin_url( 'themes.php?delete-active-child=true' ) ); Index: src/wp-admin/user-new.php =================================================================== --- src/wp-admin/user-new.php (revision 31408) +++ src/wp-admin/user-new.php (working copy) @@ -10,10 +10,17 @@ require_once( dirname( __FILE__ ) . '/admin.php' ); if ( is_multisite() ) { - if ( ! current_user_can( 'create_users' ) && ! current_user_can( 'promote_users' ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( ! current_user_can( 'create_users' ) && ! current_user_can( 'promote_users' ) ) { + wp_die( + '' . __( 'You are not allowed to create users.' ) . '
', + 403 ); + } } elseif ( ! current_user_can( 'create_users' ) ) { - wp_die( __( 'Cheatin’ uh?' ), 403 ); + wp_die( + '' . __( 'You are not allowed to create users.' ) . '
', + 403 ); } if ( is_multisite() ) { @@ -54,8 +61,12 @@ die(); } - if ( ! current_user_can('promote_user', $user_details->ID) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( ! current_user_can('promote_user', $user_details->ID) ) { + wp_die( + '' . __( 'You are not allowed to add the user to this site.' ) . '
', + 403 ); + } // Adding an existing user to this blog $new_user_email = $user_details->user_email; @@ -91,8 +102,12 @@ } elseif ( isset($_REQUEST['action']) && 'createuser' == $_REQUEST['action'] ) { check_admin_referer( 'create-user', '_wpnonce_create-user' ); - if ( ! current_user_can('create_users') ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( ! current_user_can('create_users') ) { + wp_die( + '' . __( 'You are not allowed to create users.' ) . '
', + 403 ); + } if ( ! is_multisite() ) { $user_id = edit_user(); Index: src/wp-admin/users.php =================================================================== --- src/wp-admin/users.php (revision 31408) +++ src/wp-admin/users.php (working copy) @@ -9,8 +9,12 @@ /** WordPress Administration Bootstrap */ require_once( dirname( __FILE__ ) . '/admin.php' ); -if ( ! current_user_can( 'list_users' ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( ! current_user_can( 'list_users' ) ) { + wp_die( + '' . __( 'You are not allowed to browse users.' ) . '
', + 403 ); +} $wp_list_table = _get_list_table('WP_Users_List_Table'); $pagenum = $wp_list_table->get_pagenum(); @@ -127,8 +131,12 @@ } // If the user doesn't already belong to the blog, bail. - if ( is_multisite() && !is_user_member_of_blog( $id ) ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); + if ( is_multisite() && !is_user_member_of_blog( $id ) ) { + wp_die( + '' . __( 'One of the selected users is not a member of this site.' ) . '
', + 403 ); + } $user = get_userdata( $id ); $user->set_role($_REQUEST['new_role']); Index: src/wp-admin/widgets.php =================================================================== --- src/wp-admin/widgets.php (revision 31408) +++ src/wp-admin/widgets.php (working copy) @@ -12,8 +12,12 @@ /** WordPress Administration Widgets API */ require_once(ABSPATH . 'wp-admin/includes/widgets.php'); -if ( ! current_user_can('edit_theme_options') ) - wp_die( __( 'Cheatin’ uh?' ), 403 ); +if ( ! current_user_can('edit_theme_options') ) { + wp_die( + '' . __( 'You are not allowed to manage widgets.' ) . '
', + 403 ); +} $widgets_access = get_user_setting( 'widgets_access' ); if ( isset($_GET['widgets-access']) ) {